If REST uses HTTP for all four CRUD (Create/Read/Update/Delete) operations, how should be designed(verb & path) operations like:
- register
- authentication/deauthentication
- reset password
Asked
Active
Viewed 127 times
1 Answers
1
Register: You could regard this as creating an account: POST /.../accounts
Auth/Deauth: Do you mean creating and deleting a session? Then it's a POST and a DELETE respectively: POST /.../sessions ; DELETE /.../session/{sessionid}. Strictly speaking, sessions are not restful. For more information, see "Do sessions really violate restfulness".
Reset password: Can be regarded as an update of a part of the account: PATCH /.../accounts/{accountid}. If the password is a separate resource, you could do PUT instead of PATCH: PUT /.../accounts/{accountid}/password
Community
- 1
- 1
www.admiraalit.nl
- 5,768
- 1
- 17
- 32
-
Thanks. By sessions I mean just a token, so it's stateless. – Sodiaan Nov 29 '16 at 07:23
-
What if register should be in two ways, register by login and password, and register by social token. How it could be? – Sodiaan Nov 29 '16 at 07:25