Menu
I have a typical user management module for which I want create REST APIs. User should be able to access his/her details but shouldn't be allowed to access other user details. Being an administrator user should be able to fetch any user or remove any user.
This is how I am planning to create URL end points, any suggestions ?
# To create/register user
POST /api/users/
# or
POST /api/register/
# To get all users
# This will be allowed to access only by admins.
GET /api/users/
# To get current user.
# For admin, allowed
# For regular user, id will be validated against userid stored in the session.
GET /api/users/<id>/
# To update current user.
# This id will be validated against userid stored in the session.
PUT /api/users/<id>/
# To delete current user.
# For admin, allowed
# This id will be validated against userid stored in the session.
DELETE /api/users/<id>/
# Login
POST /api/login/
# Logout
GET /api/logout/
Thank you
932
I think you've got the endpoint scheme pretty good.. only thing is the context will be the passed-in user (from the url path) and not current user.
# To create
POST /api/users
# To get all users
GET /api/users
# To get particular user.
GET /api/users/<id>
# To update particular user.
PUT /api/users/<id>
# To delete particular user
DELETE /api/users/<id>
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
