Rant Image

The Rant

Should ID be given in URL if already secured with JWT containing ID?

Submitted by JoeClark » Mon 11-Dec-2017, 20:16

Subject Area: General

Keywords: Affiliate Marketing Examples

41 member ratings

Hi.

If I wanted to DELETE a user authenticated with a JWT token that contains the user object, should this DELETE handled go under /users or /users/?

It makes sense to have under the /users/ endpoint as you're deleting that specific item.

But also makes sense to have it under /users as then you don't have redundant data and you don't have to enter the every time you want to perform a function on your user when you already have the JWT authentication.

This idea falls to many-to-many objects too, say I wanted to access /users//games//move stripping '/users/' makes it seem like there's not 'user' resource but it makes it less clunky and again less data redundancy.

Which is more 'accepted' or 'right'?

Please Help.

Thanks,

I didn't find the right solution from the internet.
References:https://softwareengineering.stackexchange.com/questions/362060/should-id-be-given-in-url-if-already-secured-with-jwt-containing-id

Affiliate Marketing Examples

279 Comments 

Member Comments

RE: Should ID be given in URL if already secured with JWT containing ID?

Help

By xetheki » Wed 10-Apr-2024, 23:44, My rating: ✭ ✭ ✭ ✭ ✭

The online game betting market is becoming more vibrant than ever with a series of bookmakers being introduced to Vietnam. In which, i9bet stands out with its new way of operating the game, attracting a large number of supporters from bettors everywhere. Today we introduce i9bet - the most popular bookmaker today. Readmore: tải app i9bet

279 Comments  • Page 5 of 279 •        Previous « 1…  3   4   5   6   7  …279 » Next

Email to a friend

Email this Rant to a friend
%0ASee:%0A http://www.chambers.com.au/forum/view_post.php?frm=1%26pstid=232" alt="Email to a friend" />