REST anti-patterns

URI not very RESTful

  • POST /accounts/create
  • POST /createAccount
  • POST /accounts

Using wrong HTTP methods

  • GET — Retrieve records
  • POST — Create records
  • PUT — Update whole records
  • PATCH — Update pieces of records
  • DELETE — Delete records
  • OPTIONS — Discover options for a resource
  • HEAD — Retrieve headers of a resource or resources

  • POST /accounts/4402278/delete
  • POST /deleteAccount?accountNumber=4402278
  • DELETE /accounts/4402278

Hurting Idempotency

  • Idempotent methods: GET, PUT, OPTIONS
  • Non-idempotent methods: POST
  • The account will not be deleted many times … seen this way, it is idempotent
  • The second time, the resource will not be found and the server should return 404 Not Found; seen this way, it is not idempotent anymore

Ignoring status codes

  • GET /accounts/123456 (and there is no matching record) response: HTTP status 200 (ok) with a body saying it’s not found.
  • GET /accounts/123456 (and there is no matching record) response: HTTP status 404 (not found)

HTTP status codes

Ignoring caching

Ignoring hypermedia

More on HATEOAS

  • Consumers interact with an application through hypermedia provided dynamically by the API
  • Current state of the application is defined by your data and the links on your payloads.
  • Consumers must have a generic understanding of hypermedia.
  • Allows the server functionality to evolve independently.
  • Interaction is driven by hypermedia, rather than out-of-band information.
    {
      "accounts": [
        {
          "accountNumber": "4502278",
          "balance": 100.00,
          "links": [
            {"rel": "deposit", "href": "/account/4502278/deposit"},
            {"rel": "withdraw", "href": "/account/4502278/withdraw"},
            {"rel": "transfer", "href": "/account/4502278/transfer"},
            {"rel": "close", "href": "/account/4502278/close"}
          ]
        }
      ]
    }

    {
      "accounts": [
        {
          "accountNumber": "4502278",
          "balance": -60.55,
          "links": [
            {"rel": "deposit", "href": "/account/4502278/deposit"}
          ]
        }
      ]
    }
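
An added example (not from the original article) of deriving the links from account state and enforcing the same rule when the action is requested, so that leaving a link out of the payload is not the only thing preventing the action. The rule that a negative balance allows only deposit is inferred from the two payloads above; the function names and the 409 status are assumptions.

```python
# Added example: the state rule and all names are assumptions inferred
# from the two payloads shown above, not code from the article.
ALL_ACTIONS = ("deposit", "withdraw", "transfer", "close")


def allowed_actions(balance):
    """Actions valid in the current state (assumed rule: overdrawn -> deposit only)."""
    if balance < 0:
        return ("deposit",)
    return ALL_ACTIONS


def render_account(account_number, balance):
    """Build the representation; links are derived from state, never hard-coded."""
    return {
        "accountNumber": account_number,
        "balance": balance,
        "links": [
            {"rel": rel, "href": f"/account/{account_number}/{rel}"}
            for rel in allowed_actions(balance)
        ],
    }


def handle_action(account_number, balance, rel):
    """Return the HTTP status for POST /account/{account_number}/{rel}.

    Uses the same rule as render_account, so a client that builds the URI
    itself instead of following a link is still refused by the server.
    """
    if rel not in ALL_ACTIONS:
        return 404  # no such sub-resource
    if rel not in allowed_actions(balance):
        return 409  # assumed choice: the action conflicts with the current state
    return 200


if __name__ == "__main__":
    for balance in (100.00, -60.55):  # constructed states matching the payloads
        doc = render_account("4502278", balance)
        print(balance, [link["rel"] for link in doc["links"]])
        print("  POST withdraw ->", handle_action("4502278", balance, "withdraw"))
```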

Confusing REST with RPC

  • POST /accounts/4402278/close
  • POST /_closeAccount?accountNumber=4402278

Ignoring MIME types

Conclusion

  • Be coherent
  • Require headers
  • Use standards (for example, JSON API)
  • Build well designed URIs
  • Return coherent status codes
  • Use correct HTTP methods
  • Care about idempotency
  • Think about the semantics of the URIs

Marcelo Cure
