Rant Image

The Rant

Should ID be given in URL if already secured with JWT containing ID?

Submitted by JoeClark » Mon 11-Dec-2017, 20:16

Subject Area: General

Keywords: Affiliate Marketing Examples

41 member ratings

Hi.

If I wanted to DELETE a user authenticated with a JWT token that contains the user object, should this DELETE handled go under /users or /users/?

It makes sense to have under the /users/ endpoint as you're deleting that specific item.

But also makes sense to have it under /users as then you don't have redundant data and you don't have to enter the every time you want to perform a function on your user when you already have the JWT authentication.

This idea falls to many-to-many objects too, say I wanted to access /users//games//move stripping '/users/' makes it seem like there's not 'user' resource but it makes it less clunky and again less data redundancy.

Which is more 'accepted' or 'right'?

Please Help.

Thanks,

I didn't find the right solution from the internet.
References:https://softwareengineering.stackexchange.com/questions/362060/should-id-be-given-in-url-if-already-secured-with-jwt-containing-id

Affiliate Marketing Examples

279 Comments 

Member Comments

RE: Should ID be given in URL if already secured with JWT containing ID?

Help

By xetheki » Wed 10-Apr-2024, 23:46, My rating: ✭ ✭ ✭ ✭ ✭

bj38 is known as one of the newest and most reputable bookmakers in 2024 in Asia. Website bj38 will share all necessary information for those who need it. This is bj38's latest homepage - please click here Readmore: bj38.icu

279 Comments  • Page 4 of 279 •        Previous « 1…  2   3   4   5   6  …279 » Next

Email to a friend

Email this Rant to a friend
%0ASee:%0A http://www.chambers.com.au/forum/view_post.php?frm=1%26pstid=232" alt="Email to a friend" />