REST anti-patterns

URI not very RESTful

  • POST /accounts/create
  • POST /createAccount
  • POST /accounts

Using wrong HTTP methods

  • GET — Retrieve records
  • POST — Create records
  • PUT — Update whole records
  • PATCH — Update pieces of records
  • DELETE — Delete records
  • OPTIONS — Discover options for a resource
  • HEAD — Retrieve headers of a resource or resources

  • POST /accounts/4402278/delete
  • POST /deleteAccount?accountNumber=4402278
  • DELETE /accounts/4402278

Hurting Idempotency

  • Idempotent methods: GET, PUT, OPTIONS
  • Non-idempotent methods: POST
  • The accounts will not be deleted many times … seen this way, it is idempotent
  • The second time, the resource will not be found and the request should return 404 Not Found; seen this way, it is not idempotent anymore

Ignoring status codes

  • GET /accounts/123456 (and there is no matching record) response: HTTP status 200 (ok) with a body saying it’s not found.
  • GET /accounts/123456 (and there is no matching record) response: HTTP status 404 (not found)

HTTP status codes

Ignoring caching

Ignoring hypermedia

More on HATEOAS

  • Consumers interact with an application through hypermedia provided dynamically by the API
  • Current state of the application is defined by your data and the links on your payloads.
  • Consumers must have a generic understanding of hypermedia.
  • Allows the server functionality to evolve independently.
  • Interaction is driven by hypermedia, rather than out-of-band information.
    {
      "accounts": [
        {
          "accountNumber": "4502278",
          "balance": 100.00,
          "links": [
            {"rel": "deposit", "href": "/account/4502278/deposit"},
            {"rel": "withdraw", "href": "/account/4502278/withdraw"},
            {"rel": "transfer", "href": "/account/4502278/transfer"},
            {"rel": "close", "href": "/account/4502278/close"}
          ]
        }
      ]
    }

    {
      "accounts": [
        {
          "accountNumber": "4502278",
          "balance": -60.55,
          "links": [
            {"rel": "deposit", "href": "/account/4502278/deposit"}
          ]
        }
      ]
    }
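
An added example (not from the original article) that generates the links in the two payloads above from account state and has the server re-check that state when an action is requested, since a consumer can still call a URI that was not advertised. The balance rule, the 404/409 status choices and the function names are assumptions.

```python
# Added example: link rels and hrefs are copied from the payloads above; the
# rule tying them to the balance is an assumption inferred from those payloads.
ACTIONS = ("deposit", "withdraw", "transfer", "close")


def allowed_actions(account):
    """Single source of truth for what the current state permits."""
    # Assumption: an overdrawn account may only receive deposits.
    if account["balance"] < 0:
        return ("deposit",)
    return ACTIONS


def represent(account):
    """Build the hypermedia representation returned to the consumer."""
    number = account["accountNumber"]
    links = [{"rel": rel, "href": f"/account/{number}/{rel}"}
             for rel in allowed_actions(account)]
    return {"accounts": [{"accountNumber": number,
                          "balance": account["balance"],
                          "links": links}]}


def handle_action(account, rel):
    """Return the HTTP status for POST /account/{number}/{rel}.

    Omitting a link does not block the request, so the handler applies
    the same state check that was used to build the links.
    """
    if rel not in ACTIONS:
        return 404  # no such sub-resource
    if rel not in allowed_actions(account):
        return 409  # conflicts with the current state of the resource
    return 200


if __name__ == "__main__":
    import json
    # Constructed sample matching the second payload above.
    overdrawn = {"accountNumber": "4502278", "balance": -60.55}
    print(json.dumps(represent(overdrawn), indent=2))
    print(handle_action(overdrawn, "withdraw"))
```

Keeping one function behind both the link list and the handler check means the advertised actions and the enforced actions cannot drift apart.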

Confusing REST with RPC

  • POST /accounts/4402278/close
  • POST /_closeAccount?accountNumber=4402278

Ignoring MIME types

Conclusion

  • Be coherent
  • Require headers
  • Use standards (for example, JSON API)
  • Build well designed URIs
  • Return coherent status codes
  • Use correct HTTP methods
  • Care about idempotency
  • Think about the semantics of the URIs

Marcelo Cure