Rant Image

The Rant

Should ID be given in URL if already secured with JWT containing ID?

Submitted by JoeClark » Mon 11-Dec-2017, 20:16

Subject Area: General

Keywords: Affiliate Marketing Examples

3 member ratings

Hi.

If I wanted to DELETE a user authenticated with a JWT token that contains the user object, should this DELETE handled go under /users or /users/?

It makes sense to have under the /users/ endpoint as you're deleting that specific item.

But also makes sense to have it under /users as then you don't have redundant data and you don't have to enter the every time you want to perform a function on your user when you already have the JWT authentication.

This idea falls to many-to-many objects too, say I wanted to access /users//games//move stripping '/users/' makes it seem like there's not 'user' resource but it makes it less clunky and again less data redundancy.

Which is more 'accepted' or 'right'?

Please Help.

Thanks,

I didn't find the right solution from the internet.
References:https://softwareengineering.stackexchange.com/questions/362060/should-id-be-given-in-url-if-already-secured-with-jwt-containing-id

Affiliate Marketing Examples


10 Comments 

Member Comments

RE: Should ID be given in URL if already secured with JWT containing ID?

dissertation help

By khatri » Tue 09-Oct-2018, 22:44, My rating: ✭ ✭ ✭ ✭ ✭

Much thanks for composing such an intriguing article on this point. This has truly made me think and I plan to peruse more dissertation help

10 Comments  • Page 1 of 10 •         1   2   3   4   5  …10 » Next

Email to a friend

Email this Rant to a friend

Email to a friend