43

Curious how others here would represent these in a REST architecture.

/users/login/ /users/logout/ 

These endpoints set up the session to login in the user, or clear it, respectively. My gut says POST, but I'm not in fact creating an object.

4
  • 2
    See also: stackoverflow.com/q/2001773/165674 Commented Nov 5, 2013 at 5:32
  • For logout, it is discussed in length at stackoverflow.com/q/3521290/873282 (with the same result) Commented Feb 19, 2017 at 23:54
  • 1
    Possible duplicate of Logout: GET or POST? Commented Sep 13, 2017 at 16:34
  • POST doesn't have to create a new resource. It just sends data to the server. What the server does with this data is up to the server. Commented Dec 24, 2020 at 15:51

3 Answers 3

64

You should use POST - using GET for these actions can lead to issues with browser prefetching and search engine spidering. See (1, 2)

Sign up to request clarification or add additional context in comments.

2 Comments

Concise, it was not necessary to make a research on it. Thanks
Yes, POST sounds like the most rational option for a logout request and is what I would consider by default, however, doesn't POST mean "create"? What form-data would you be sending for a logout request with POST? A DELETE request would hardly be suitable either unless you have something like DELETE /session/{id}. PUT would mean we're replacing something, so that's out of the question. What are your thoughts on PATCH?
0

Use POST.
Logout changes the state on the server (e.g., destroying a session, invalidating a token), so it should not be GET. POST is used for operations that cause side effects and are not idempotent — which logout usually is. It's semantically correct for actions like logout that do not delete a resource, but still trigger a state change.

Comments

-5

maybe CONNECT? MDN says:

The HTTP CONNECT method starts two-way communications with the requested resource. It can be used to open a tunnel.

as login means maintaining a session between browser and server, CONNECT method makes the most sense.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.