IRC log for #rest, 2017-09-12

https://trygvis.io/rest-wiki/

← Previous day | Channels | #rest index | Today | Next day → | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time	S	Nick	Message
00:09			tbsf joined #rest
00:33			wsiqueir joined #rest
03:03			tbsf joined #rest
03:07			tbsf joined #rest
03:11			tbsf joined #rest
03:15			tbsf joined #rest
03:16			tbsf joined #rest
03:17			tbsf joined #rest
03:18			tbsf joined #rest
06:22			_ollie joined #rest
06:41			_ollie joined #rest
06:45			Haudegen joined #rest
07:47			interop_madness joined #rest
07:47			interop_madness joined #rest
09:40			tbsf joined #rest
11:46			Haudegen joined #rest
11:56			tbsf joined #rest
13:18			tbsf joined #rest
13:27			tbsf joined #rest
13:29			tbsf_ joined #rest
13:33			tbsf joined #rest
13:51			wsieroci joined #rest
16:05			tbsf joined #rest
16:43			Haudegen joined #rest
17:50			LumberJill joined #rest
17:51		LumberJill	Hi guys, is it stateless if I use cookies ( server sets and retrieves session Id in cookies)?
17:51		LumberJill	I just can't wrap my head around this
17:55		whartung	no
17:55		LumberJill	can you please explain why it is not stateless?
17:56		whartung	hang on
17:56		LumberJill	okay thanks
17:59		whartung	try this https://stackoverflow.com/questions/1296421/rest-complex-applications/1297275#1297275
18:05		asdf	"filter resource whartung stackoverflow" for when i inevitably grep for this a year from now
18:05		asdf	hi future me
18:05		whartung	heh
18:08		whartung	did that help at all LumberJill
18:12		LumberJill	whartung I actually thought about seeing the session (that I already have in my design) as a resource and then pass it in parameters or headers (with some encoded JWT that would hold the session ID)
18:13		LumberJill	and I agree with the fact that putting the session in cookies makes it "lose" its definition as a resource
18:14		LumberJill	but I also think that a cookie parameter is nothing but a header parameter so it would be passed on with every request and with that thought I go back to assuming that using cookies is somehow stateless
18:19		whartung	but its a matter of context. When the value of the resource is so much dependent on the session
18:20		whartung	what are you using the session for?
18:22		LumberJill	well there are shared resources and then a client can have a private session where they can take a shared resource and operate on it without other clients' resources (other sessions) being affected
18:23		LumberJill	so its like to access a resource i need to identify "the workspace" where it "belongs"
18:24		LumberJill	I thought instead of storing that session (workspace) Id in cookies for a client, I can define it in URI as if its the top resource of the API hierarchy, if you see what i mean..
18:27		whartung	most of the time if you want some kind of client context, you base it on the infromation in the authentication header
18:29		LumberJill	Okay that the other way to do it, like using a Json web token and defining "claims" ? (one of the claims in this case would be the session Id for the client)
18:48			tbsf joined #rest
19:00			wsieroci joined #rest
21:17			_ollie joined #rest
21:42			Haudegen joined #rest
23:49			benaiah joined #rest
23:55			Davey joined #rest
23:55			Davey joined #rest

← Previous day | Channels | #rest index | Today | Next day → | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/