which crud operation in rest to use post or delete?
Question
i have created a bank application where i want to write a rest service to delete account . so for that we need an account no . for that i think for security reasons i cant pass account no in url . so i am passing it in request body . i think if i try using it with delete it runs fine but again that could be a security issue . so in that case will i need to use post instead of delete so that i can pass account no in request body ?
@PostMapping("/account")
public void deleteAccount(@RequestBody @Valid final AccountNoDto accountNoDto) {
return accountService.deleteAccount(accountNoDto);
}
or
@DeleteMapping("/account/{accountNo}")
public void deleteAccount(@PathVariable Long accountNo) {
return accountService.deleteAccount(accountNo);
}
2 answers
solution1
2 ACCPTED 2018-06-28 04:23:49
You should use @DeleteMapping because you are deleting a record. The HTTP verbs should be compliant with what the function does.
But dont send the account Number along with the endPoint. Write the endpoint as -
@DeleteMapping("/account")
The Account Number should be retrived at the backend from the token you will be sending along with the request.So All requests GET,POST,PUT,DELETE will have the same uri and the account number will be fetched from the token at the backend. If you want to know how it is done in spring read about SecurityContextHolder class
solution2
0 2018-06-28 03:56:46
Idealy we use @DeleteMapping for delete operation and we use @PostMapping for new creation and updation of data . I dont think account id is that much sensitive information to reveal in url. You can go for @DeleteMapping
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.