Rant Image

The Rant

Should ID be given in URL if already secured with JWT containing ID?

Submitted by JoeClark » Mon 11-Dec-2017, 20:16

Subject Area: General

Keywords: Affiliate Marketing Examples

43 member ratings

Hi.

If I wanted to DELETE a user authenticated with a JWT token that contains the user object, should this DELETE handled go under /users or /users/?

It makes sense to have under the /users/ endpoint as you're deleting that specific item.

But also makes sense to have it under /users as then you don't have redundant data and you don't have to enter the every time you want to perform a function on your user when you already have the JWT authentication.

This idea falls to many-to-many objects too, say I wanted to access /users//games//move stripping '/users/' makes it seem like there's not 'user' resource but it makes it less clunky and again less data redundancy.

Which is more 'accepted' or 'right'?

Please Help.

Thanks,

I didn't find the right solution from the internet.
References:https://softwareengineering.stackexchange.com/questions/362060/should-id-be-given-in-url-if-already-secured-with-jwt-containing-id

Affiliate Marketing Examples

291 Comments 

Member Comments

RE: Should ID be given in URL if already secured with JWT containing ID?

thanks

By xetheki » Fri 17-May-2024, 22:01, My rating: ✭ ✭ ✭ ✭ ✭

Win79 always appears in the list of the most attractive entertainment game portals in Vietnam. Joining this playground, you can freely explore many interesting bets. In addition, you can also receive many other memorable experiences. Readmore: win79

291 Comments  • Page 1 of 291 •         1   2   3   4   5  …291 » Next

Email to a friend

Email this Rant to a friend
%0ASee:%0A http://www.chambers.com.au/forum/view_post.php?frm=1%26pstid=232" alt="Email to a friend" />