mercredi 16 juin 2021

Best design for REST client that holds user token

I am writing a Java library that interacts with a REST service.

The service uses a REST client to interact with the service. Each user has its access token and needs to be sent as part of the user request.

The design somebody else did is something like this:

class UserAccount {
    private String userId;
    private String accessToken;
    ..... some other user data....
    
    private DataGateway dateGateway;

    public User(String userId, String accessToken, RestClient restClient) {
         dataGateway = new DataGateway(userId, accessToken, restClient);            
    }

    public Data getSomeData() {
         return dataGateway;
    }

    public DateGateway getDataGateway() {
         return dataGateway;
    }    
}

Another code can call UserAccount.getDateway() to retrieve the DataGateway instance that contains the user accessToken so that they can use it straight away.

I am not convinced with this design because It clearly put the data model and data service in the same class.

However, I can see why the code is written in this way because they don't want the user to supply their token as a method parameter every time they call a method of DataGateway.

What is a better design so that I can:

  • Separate the UserAccount data model and the 'action'
  • Allows a user to use the dataGateway without supplying accessToken every time

Aucun commentaire:

Enregistrer un commentaire