如何公开REST方式验证API？ [英] How to expose a validation API in a RESTful way?

问题描述

我一般的REST的API设计的散热风扇，但我不能确定如何应用REST原则验证API。

I'm generally a fan of RESTful API design, but I'm unsure of how to apply REST principles for a validation API.

假设我们有查询和更新用户的个人资料信息（姓名，电子邮件，用户名，密码）的API。我们认为该功能的有益片暴露将是验证，例如查询一个给定的用户名是否是有效的和可用的。

Suppose we have an API for querying and updating a user's profile info (name, email, username, password). We've deemed that a useful piece of functionality to expose would be validation, e.g. query whether a given username is valid and available.

哪些在这种情况下，资源（多个）？什么HTTP状态codeS和/或标题应该使用？

What are the resource(s) in this case? What HTTP status codes and/or headers should be used?

作为开始，我有 GET /型材/验证这需要查询字符串PARAMS并返回 204 或 400 。但验证显然是一个动词而不是名词。

As a start, I have GET /profile/validate which takes query string params and returns 204 or 400 if valid or invalid. But validate is clearly a verb and not a noun.

推荐答案

类型的你所描述的事情肯定是更多的RPC风格在它的语义，但是，这并不意味着你不能在达到自己的目标一个RESTful的方式。

The type of thing you've described is certainly more RPC-style in its' semantics, but that doesn't mean you can't reach your goals in a RESTful manner.

有没有验证 HTTP动词，所以你有多少价值可以从构建围绕整个API得到什么？你的故事主要围绕为用户提供确定的能力给用户名是否可用 - 这听起来好像是一个简单的资源检索检查 - GET：/profile/username/... - 如果结果为404，名称是可用的。

There's no VALIDATE HTTP verb, so how much value can you get from structuring an entire API around that? Your story centers around providing users with the ability to determine whether a given user name is available - that sounds to me like a simple resource retrieval check - GET: /profile/username/... - if the result is a 404, the name is available.

这有什么突出的是，该客户端的验证就是这样 - 客户端。这是一个用户界面的关注，以确保数据被发送到服务器之前在客户机上进行验证。 RESTful服务不给丝毫客户端是否已经执行验证;基于它自己的验证逻辑，它会简单地接受或拒绝的请求。

What this highlights is that that client-side validation is just that - client side. It's a UI concern to ensure that data is validated on the client before being sent to the server. A RESTful service doesn't give a whit whether or not a client has performed validation; it will simply accept or reject a request based on its' own validation logic.

REST是不是一个包罗万象的范例，它不仅介绍了构建客户端服务器通信的方式。

REST isn't an all-encompassing paradigm, it only describes a way of structuring client-server communications.

这篇关于如何公开REST方式验证API？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！