greptilian logo

IRC log for #rest, 2017-09-12

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
00:09 tbsf joined #rest
00:33 wsiqueir joined #rest
03:03 tbsf joined #rest
03:07 tbsf joined #rest
03:11 tbsf joined #rest
03:15 tbsf joined #rest
03:16 tbsf joined #rest
03:17 tbsf joined #rest
03:18 tbsf joined #rest
06:22 _ollie joined #rest
06:41 _ollie joined #rest
06:45 Haudegen joined #rest
07:47 interop_madness joined #rest
07:47 interop_madness joined #rest
09:40 tbsf joined #rest
11:46 Haudegen joined #rest
11:56 tbsf joined #rest
13:18 tbsf joined #rest
13:27 tbsf joined #rest
13:29 tbsf_ joined #rest
13:33 tbsf joined #rest
13:51 wsieroci joined #rest
16:05 tbsf joined #rest
16:43 Haudegen joined #rest
17:50 LumberJill joined #rest
17:51 LumberJill Hi guys, is it stateless if I use cookies ( server sets and retrieves session Id in cookies)?
17:51 LumberJill I just can't wrap my head around this
17:55 whartung no
17:55 LumberJill can you please explain why it is not stateless?
17:56 whartung hang on
17:56 LumberJill okay thanks
17:59 whartung try this https://stackoverflow.com/questions/1296421/rest-complex-applications/1297275#1297275
18:05 asdf "filter resource whartung stackoverflow" for when i inevitably grep for this a year from now
18:05 asdf hi future me
18:05 whartung heh
18:08 whartung did that help at all LumberJill
18:12 LumberJill whartung I actually thought about seeing the session (that I already have in my design) as a resource and then pass it in parameters or headers (with some encoded JWT that would hold the session ID)
18:13 LumberJill and I agree with the fact that putting the session in cookies makes it "lose" its definition as a resource
18:14 LumberJill but I also think that a cookie parameter is nothing but a header parameter so it would be passed on with every request and with that thought I go back to assuming that using cookies is somehow stateless
18:19 whartung but its a matter of context. When the value of the resource is so much dependent on the session
18:20 whartung what are you using the session for?
18:22 LumberJill well there are shared resources and then a client can have a private session where they can take a shared resource and operate on it without other clients' resources (other sessions) being affected
18:23 LumberJill so its like to access a resource i need to identify "the workspace" where it "belongs"
18:24 LumberJill I thought instead of storing that session (workspace) Id in cookies for a client, I can define it in URI as if its the top resource of the API hierarchy, if you see what i mean..
18:27 whartung most of the time if you want some kind of client context, you base it on the infromation in the authentication header
18:29 LumberJill Okay that the other way to do it, like using a Json web token and defining "claims" ? (one of the claims in this case would be the session Id for the client)
18:48 tbsf joined #rest
19:00 wsieroci joined #rest
21:17 _ollie joined #rest
21:42 Haudegen joined #rest
23:49 benaiah joined #rest
23:55 Davey joined #rest
23:55 Davey joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/