Designing URI for current logged in user in REST applications
Problem description
I need a URI in my REST API to retrieve the current logged in user. Usually I use GET
on resource with ID, but the client doesn't know the ID of the user.
I found the following solutions:
- By user name
  This solution uses the user name instead of the ID of the user.
  Example:
  - Bitbucket REST API: GET /user/{userSlug}
- With own resource
  This solution has one resource for users and one additional resource for the logged in user.
  Examples:
  - JIRA REST API: GET /myself
  - GitHub REST API: GET /user
  - Stack Exchange REST API: GET /me
- With symbolic link
  This solution has a symbolic link for the ID of the user.
  Example:
  - Confluence REST API: GET /user/current
- With filter
  This solution uses a filter for the user name.
  Example:
  - JIRA REST API: GET /user?username={username}
Which one is most RESTful? What are the pros and cons?
Recommended answer
It's up to you. All the approaches are perfectly fine from a REST perspective.
According to Roy Thomas Fielding's dissertation*, any information that can be named can be a resource:
The key abstraction of information in REST is a resource. Any information that can be named can be a resource: a document or image, a temporal service (e.g. "today's weather in Los Angeles"), a collection of other resources, a non-virtual object (e.g. a person), and so on. In other words, any concept that might be the target of an author's hypertext reference must fit within the definition of a resource. A resource is a conceptual mapping to a set of entities, not the entity that corresponds to the mapping at any particular point in time. [...]
When using /me, /users/me, /users/myself, /users/current and similar, you have a locator for the authenticated user and it will always identify the concept of an authenticated user, regardless of which user is authenticated.
For more flexibility, you also can support /users/{username}.
By the way, a similar situation was addressed in "Is using magic (me/self) resource identifiers going against REST principles?"
* If you are interested in REST, chapter 5 of Fielding's dissertation is a must-read.
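An added example, not part of the original question or answer: a sketch of serving both /users/{username} and the alias segments (me, myself, current) under the same path. It shows the alias being resolved only from the verified caller identity, and usernames that would shadow an alias being refused at registration. The function names, the in-memory store, the status codes and the public/full view split are assumptions made for illustration.

```python
RESERVED_ALIASES = {"me", "myself", "current"}  # alias segments named in the answer

USERS = {  # constructed sample data
    "alice": {"username": "alice", "email": "alice@example.org"},
    "bob": {"username": "bob", "email": "bob@example.org"},
}


class ApiError(Exception):
    def __init__(self, status, message):
        super().__init__(message)
        self.status = status


def register(username, email):
    """Refuse usernames that would shadow an alias under /users/."""
    key = username.lower()
    if key in RESERVED_ALIASES:
        raise ApiError(422, "username is reserved")
    if key in USERS:
        raise ApiError(409, "username already taken")
    USERS[key] = {"username": key, "email": email}
    return USERS[key]


def get_user(path, authenticated_username):
    """Handle GET /users/{segment}; the caller's identity comes from the
    verified session or token (None if anonymous), never from the URI."""
    prefix = "/users/"
    segment = path[len(prefix):].lower()
    if not path.startswith(prefix) or not segment or "/" in segment:
        raise ApiError(404, "not found")
    if segment in RESERVED_ALIASES:
        # The alias has no meaning without an authenticated caller.
        if authenticated_username is None:
            raise ApiError(401, "authentication required")
        segment = authenticated_username
    user = USERS.get(segment)
    if user is None:
        raise ApiError(404, "not found")
    # Assumed policy: full record for the caller, public view for others.
    if segment == authenticated_username:
        return dict(user)
    return {"username": user["username"]}
```

Because the alias returns a different representation per caller, its responses should be marked `Cache-Control: private` (or `no-store`) so a shared cache never serves one user's record to another.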