We may allow more challenge types other than PoW in the future, eg.
captcha. So make the relevent types more generic.
Now the challenge is returned in JSON response as a individual top-level
field `register_challenge` instead of in HTTP headers.
Error types are now collected into a single place. Similar errors are
merged.
Request invariant violations are now all under 400 with type
"invalid_request" if it's a client mistake; and if it's caused by a
server restrction, under 403 with type "disabled".
We do not need that many big numbers yet. This should simplify client
implementation without native u64 (eg. JavaScript).
Also put a hard limit on `unseen_cnt` query.
Now a group can only be created with the creator as the only initial
member. This forbids group creator from adding other members without
their consent. Additional members can join the group later at their own
will.
- `Msg` or `msg` is now the canonical term for the substructure in a
room. It includes a `chat` subtype and (in the future) other
administration subtypes like member joining or leaving.
- `Message` or `message` can used in human oriented context like docs
and comments, but only when it is unambiguous.
- `message` is not chosen in code because it's hard to type (at least
for me!), and have ambiguous meaning of:
- "Human readable text" in context of `ApiError`'s field.
- "A unit of data transfer, datagram" in context of WebSocket Message.
- `item` is not chosen because it is overly generic.
- If a user is not a room member, HTTP 404 code=not_found will be
returned. This also happen for posting into not-joined public rooms,
and it can be interpreted as "room member is not found".
- If a user is a member but lacks the member permission to perform an
action, HTTP 403 code=permission_denied will be returned.
