0

In my application I have route /users/37/verify_email. Because action for this route updates activation info in database I ask client to complete this request with PUT method.

In application on backend there are many steps to verify. After success verification I redirect client to next step with 302 Found with a little hack:

Location: /users/37/verify_email?_method=PUT

This looks ugly a bit for me.

Is this OK to do such redirections?

UPD

I follow the REST and when I want to delete resource I generate next link on admin page:

<a href="/users/37?_method=DELETE">Delete</a>
<a href="/users/37"               >View  </a>

If we are in browser there will be:

GET /users/37?_method=DELETE
GET /users/37

When performing application/json there will be:

DELETE /users/37
GET /users/37

But I am not sure is this OK to put such routes into Location header:

Location: /users/37?_method=DELETE

I can not find anywhere this syntax:

Location: DELETE /users/37
Eugen Konkov
  • 22,193
  • 17
  • 108
  • 158

1 Answers1

0

Well, you can't follow REST in HTML forms, because you are limited for GET and POST method only.

Simply create URL /users/37/delete, do all your validation here and delete it on success. If you want to have REST API, keep it separately with JSON only interface, because you are very limited here with HTML.

Also, is very dangerous to do validation on one URL and than redirect it to URL which do deleting itself. What if your user will find out, which URL is deleting stuff? He can skip the validation.

Consider using microservices or simply call your API from backend code (API can run on your intranet only and will be accessible only from backend, not from outside).

Pavel Štěrba
  • 2,822
  • 2
  • 28
  • 50