Rant Image

The Rant

Should ID be given in URL if already secured with JWT containing ID?

Submitted by JoeClark » Mon 11-Dec-2017, 20:16

Subject Area: General

Keywords: Affiliate Marketing Examples

40 member ratings

Hi.

If I wanted to DELETE a user authenticated with a JWT token that contains the user object, should this DELETE handled go under /users or /users/?

It makes sense to have under the /users/ endpoint as you're deleting that specific item.

But also makes sense to have it under /users as then you don't have redundant data and you don't have to enter the every time you want to perform a function on your user when you already have the JWT authentication.

This idea falls to many-to-many objects too, say I wanted to access /users//games//move stripping '/users/' makes it seem like there's not 'user' resource but it makes it less clunky and again less data redundancy.

Which is more 'accepted' or 'right'?

Please Help.

Thanks,

I didn't find the right solution from the internet.
References:https://softwareengineering.stackexchange.com/questions/362060/should-id-be-given-in-url-if-already-secured-with-jwt-containing-id

Affiliate Marketing Examples

278 Comments 

Member Comments

RE: Should ID be given in URL if already secured with JWT containing ID?

thanks

By xetheki » Sun 21-Jan-2024, 10:26, My rating: ✭ ✭ ✭ ✭ ✭

You completed some good points there. I did a search on the issue and found a good number of people will consent with your blog. rút tiền 789bet

278 Comments  • Page 23 of 278 •        Previous « 1…  21   22   23   24   25  …278 » Next

Email to a friend

Email this Rant to a friend
%0ASee:%0A http://www.chambers.com.au/forum/view_post.php?frm=1%26pstid=232" alt="Email to a friend" />