Do sessions really violate RESTfulness?

前端 未结 7 1193
小蘑菇
小蘑菇 2020-11-22 08:35

Is using sessions in a RESTful API really violating RESTfulness? I have seen many opinions going either direction, but I\'m not convinced that sessions are RESTless

7条回答
  •  灰色年华
    2020-11-22 09:00

    1. Sessions are not RESTless
    2. Do you mean that REST service for http-use only or I got smth wrong? Cookie-based session must be used only for own(!) http-based services! (It could be a problem to work with cookie, e.g. from Mobile/Console/Desktop/etc.)
    3. if you provide RESTful service for 3d party developers, never use cookie-based session, use tokens instead to avoid the problems with security.

提交回复
热议问题