[Catalyst] Re: REST - like uri design for CRUD

[Aristotle Pagaltzis]

* Dave Rolsky <autarch at urth.org> [2008-01-21 07:10]:
> On Mon, 21 Jan 2008, Aristotle Pagaltzis wrote:
>> The part where web browsers really do suck – and I really mean
>> suck utterly terribly – is HTTP Auth, which makes you have to…
>> well, you don’t quite have to violate REST constraints, but
>> you are forced to traipse into grey areas like cookie-based
>> auth (not sessions!).
>
> I think sessions _can_ be RESTful if they are part of the URI,
> though you probably wouldn't want to use them for auth.

Yes – my focus was on cookies, not sessions.


* Jonathan Rockway <jon at jrock.us> [2008-01-21 08:55]:
> Along these lines, how is everyone doing multi-page forms? I
> like to do GET/POST/redirect, but that needs the session to get
> the data from page 1 to page 2. Without a session, I use the
> old "POST returns the form with hidden fields that is page 1",
> but i *hate* that technique. So I use the session. (I also use
> the Flash for "You've added a record successfully!" messages.
> Totally non-RESTful, but the users seem to like it.)

Just like Dave described above: instead of using a cookie to pull
in the session, but the session ID in the URI, so the redirect
after the POST sends the browser to a URI that is unique to that
user.

Personally, I don’t use the session stuff at all, I just throw
the “flash” info and such in the database and pull it out
manually. It’s really not much work thanks to Catalyst, though
once I grok Catalyst itself better I might create an Action plus
Plugin or something like that to abstract away some of the work,
so one doesn’t need to wire up everything manually for flyweight
minting of resources and URIs. The idea is you’d stow away bits
of data pertaining to a particular anticipated request, rather
than pertaining to a “session.” I guess in a way it’ll feel more
like Apache::Session::Counted than a traditional session API.

Regards,
-- 
Aristotle Pagaltzis // <http://plasmasturm.org/>