I am trying to design a REST API for different kinds of users for an application. During the registration process, a user can be either a provider or a consumer. Basically, a provider provides some kind of service to one or many consumers. Suppose we want to create an endpoint where a logged-in user can get all the services he provided or consumed depending on him being a provider or consumer. I was considering the following two options for such a URL endpoint:
Option 1
GET /api/v1/user/services
Option 2
/api/v1/provider/services
/api/v1/consumer/services
In option 1, the implementation logic would first need to check for the user type in the view function, and then structure the response accordingly. In option 2, no such check is required since there are two different view functions corresponding to the two users. However, option 2 introduces a need for an authorization model such that a provider is restricted from accessing the consumer endpoint and vice versa. I was wondering which of the two options I should choose, or if there is a better option I failed to consider? Also, are there any best practices in handling such use cases? Thanks in advance.
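Both options from the question, written out in framework-free Python as an added example that is not part of the original post. The `User` class, `require_role`, `services_for`, the sample records and the `(status, body)` return tuples are all hypothetical names chosen for illustration; the point shown is that in either layout the role comes from the server-side user record and the result is filtered by the authenticated user's identity.

```python
from dataclasses import dataclass
from functools import wraps

# Constructed sample data; names and records are assumptions for illustration.
SERVICES = [
    {"id": 1, "provider": "alice", "consumer": "bob"},
    {"id": 2, "provider": "alice", "consumer": "carol"},
    {"id": 3, "provider": "dave", "consumer": "bob"},
]

@dataclass(frozen=True)
class User:
    name: str
    role: str  # "provider" or "consumer", set at registration, stored server-side

def services_for(user):
    """Return ids of rows where the user fills the column named by their role."""
    if user.role not in ("provider", "consumer"):
        return 403, []  # unknown role: deny by default
    return 200, [s["id"] for s in SERVICES if s[user.role] == user.name]

def require_role(role):
    """Option 2 guard: reject the request before the view runs."""
    def decorator(view):
        @wraps(view)
        def wrapper(user):
            if user is None:
                return 401, []  # not authenticated
            if user.role != role:
                return 403, []  # authenticated, but wrong user type
            return view(user)
        return wrapper
    return decorator

# Option 1: GET /api/v1/user/services, one view that branches on the stored role.
def user_services(user):
    if user is None:
        return 401, []
    return services_for(user)

# Option 2: two endpoints, each guarded by the role check.
@require_role("provider")
def provider_services(user):
    return services_for(user)

@require_role("consumer")
def consumer_services(user):
    return services_for(user)
```
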