Restful API - How to Decide GET / POST / PUT / PATCH / DELETE methods
Purpose
I want to prohibit user login
At least not GET
Because it changes state.
POST? PUT? PATCH? DELETE?
How do you prevent users from logging in?
- Update and flag a user's record in the database (PATCH)
- Create non-user record in non-user table in database (POST)
- Delete a user's record in the database (DELETE)
- Realize it in some other way (???)
- By the way, I couldn't think of a PUT pattern.
Should we change the method depending on the implementation method?
If once implemented in PATCH and then changed to another implementation by refactoring etc., should I change the API method as well?
Way of thinking
What if you consider paths and methods not for internal implementation but for purpose, intent, and action?
What to do just by looking at API paths and methods
For example, in this case, it is an API endpoint of "action" of "prohibit user login".
POST / v1/user/deny
What about something?
With the intention of "creating" a resource that states that the user is not allowed to log in.
The road to the RESTful API master is still far
RESTful thought does not mean that there is an absolute golden rate, but it must be trial and error every time.
It's just an idea. No, was this the name of the thought? How was it?
If you think someone will give you the ultimate answer, you're wrong.
The road to a RESTful API master is still far away.
Original by Github issue
チャットメンバー募集
何か質問、悩み事、相談などあればLINEオープンチャットもご利用ください。
公開日時
2020-02-22
Discussion