I need a URI in my REST API to retrieve the currently logged-in user. Usually I use GET
on a resource with an ID, but the client doesn't know the ID of the user.
I found the following solutions:
By user name
This solution uses the user name instead of the ID of the user.
Example:
- Bitbucket REST API:
GET /user/{userSlug}
With own resource
This solution has one resource for users and one additional resource for the logged-in user.
Examples:
JIRA REST API:
GET /myself
GitHub REST API:
GET /user
Stack Exchange REST API:
GET /me
With symbolic link
This solution has a symbolic link for the ID of the user.
Example:
- Confluence REST API:
GET /user/current
With filter
This solution uses a filter for the user name.
Example:
- JIRA REST API:
GET /user?username={username}
Which one is most RESTful? What are the pros and cons?
All are equally RESTful. REST is not about URIs, it is about using them RESTfully.
REST is about the client navigating application state. Part of this state may be who is the current user. All URLs can be used to get this part of application state.
It's up to you. All the approaches are perfectly fine from a REST perspective.
According to Roy Thomas Fielding's dissertation*, any information that can be named can be a resource:
When using /me, /users/me, /users/myself, /users/current and similar, you have a locator for the authenticated user and it will always identify the concept of an authenticated user, regardless of which user is authenticated.
For more flexibility, you also can support /users/{username}.
By the way, a similar situation was addressed in Is using magic (me/self) resource identifiers going against REST principles?
* If you are interested in REST, chapter 5 of Fielding's dissertation is a must-read.
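
An added example, not part of the original question or answers: a minimal handler in which /me and the /users/me, /users/myself and /users/current aliases resolve to whoever the request authenticates as, alongside /users/{username}. The token table, user records, function names and the split between a full and a public view are assumptions made for illustration.

```python
# Added example; all names and data below are constructed for illustration.
USERS = {  # sample records keyed by username
    "alice": {"id": 17, "username": "alice", "email": "alice@example.test"},
    "bob": {"id": 42, "username": "bob", "email": "bob@example.test"},
}
SESSIONS = {"tok-alice": "alice", "tok-bob": "bob"}  # sample bearer tokens
ALIASES = {"me", "myself", "current"}  # symbolic names used in the answer
PUBLIC_FIELDS = ("id", "username")  # assumed view for other users' records


def authenticate(headers):
    """Return the username bound to the bearer token, or None."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    return SESSIONS.get(token) if scheme == "Bearer" else None


def username_allowed(name):
    """Reject new usernames that an alias would shadow under /users/."""
    return name.lower() not in ALIASES


def get_user(path, headers):
    """Handle GET /me and GET /users/{username or alias}."""
    caller = authenticate(headers)
    if caller is None:
        return 401, {"error": "authentication required"}
    parts = [p for p in path.split("/") if p]
    if parts == ["me"]:
        target = caller
    elif len(parts) == 2 and parts[0] == "users":
        # The alias is resolved from the authenticated session, never from
        # a client-supplied identifier, so it cannot name another user.
        target = caller if parts[1] in ALIASES else parts[1]
    else:
        return 404, {"error": "not found"}
    record = USERS.get(target)
    if record is None:
        return 404, {"error": "not found"}
    if target == caller:
        return 200, dict(record)  # the caller's own record, in full
    # Another user's record: only the public view is returned.
    return 200, {k: record[k] for k in PUBLIC_FIELDS}
```

Because the aliases share a path segment with /users/{username}, they have to be reserved at registration time, which is what username_allowed is for.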