Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to handle a "no action required" HTTP response

Tags:

.net

http

angular

I have an angular application. When a user logs in, the application sends a username/token pair off to an API route on a .NET backend.

If the username/token pair doesn't exist, the .NET application adds it to the database and returns a Created() response.

However, if the pair does exist (and it likely will), then no action is required and nothing is Created(). In this case, what response should I return?

Alternate solution: I could run two requests against the API, one GET to see if the user/tokan pair exists and then a POST request if it does not, but that isn't as efficient, requires nested promises and is generally not as pretty. Maybe preferable anyway?

like image 856
crowhill Avatar asked Aug 01 '17 16:08

crowhill


People also ask

How do I fix HTTP unsuccessful response?

To fix an HTTP status code error, refer to the documentation for your server or hosting provider. The server should return a status code in the 200s for all valid URLs or a status code in the 300s for a resource that has moved to another URL.

Can an HTTP response message be empty?

Sometimes an HTTPS response contains an empty content when using the OpenEdge HTTP client. Sometimes an HTTPS response contains an incomplete content when using the OpenEdge HTTP client. Sometimes an HTTPS response only contains the HTTP Header when using the OpenEdge HTTP client.

Which HTTP codes should retry?

HTTP status codes and the error message can give you a clue. In general, a 5xx status code can be retried, a 4xx status code should be checked first, and a 3xx or 2xx code does not need retried.


2 Answers

The response you want would be your choice as an API designer. I would probably do an Ok() response or NoContent() as long as the response isn't an error response.

like image 77
ITDerrickH Avatar answered Oct 16 '22 18:10

ITDerrickH


RESTfull user sessions

Following on my previous answer (deleted now) but I thought I would share how I handle this case.

POST => 201 created

If you want to always start a new user session you should send a POST. The server yields 201 created if a new session can be started. It's up to you if there is a constraint on using duplicate tokens. This means, that the front-end only sends POST when it knows it's going to be a new session.

PATCH => 204 no content

If you have a user/token pair and that can be used to identify a user session resource on the server. You just need to PATCH it to continue the session. If the patch is success the server can send 204.

If the session is no longer valid. The server should yield 401 unauthorized response.

GET, EDIT

These requests yield a 403 forbidden since user sessions can not be modified by the front-end.

Don't confuse user registration and user login with user sessions. Those are different RESTfull resources with different URL end points.

like image 33
Reactgular Avatar answered Oct 16 '22 17:10

Reactgular