• When I send an expired token, the resulting JSON is below, but the HTTP status code is 200 instead of 403.

    {
      "success": false,
      "statusCode": 403,
      "code": "jwt_auth_invalid_token",
      "message": "Expired token",
      "data": []
    }

  • I came across this topic as well. Could anyone answer why the developers decided that the plugin responds with code 200 instead of 401 or some other 40x?


    This topic is very debatable. Personally, I like it more when the response itself is with the code that reflects its nature, but I have worked with developers who prefer it otherwise, and I am starting to see the benefits of that.

    For example, you send a request for a certain post by ID, and that post does not exist on the server. What code should the response be? 404 or 200? If 404, why is that, if the request was sent to the valid endpoint, and it was correctly processed and returned a valid response? 404 should be only if the request went to an endpoint that does not exist on the server.

    This mindset is different from simply browsing a website. If you open a broken link to a page that does not exist, you get a 404 page. When loading page content through multiple REST API calls, if you rely on the response codes to know which page to show (the actual page or a 404 page), you then have to differentiate between the calls. For example, you request the actual page content, receive it, and are ready to render it, but you also make a request for some other related content to show in the sidebar or below the main content. That response, for some reason, comes back with a code other than 200 (40x or 50x). If you rely on the response code to automatically redirect to a 404 page, you will probably get undesired results.

    A similar issue is for the 403 status code. If a minor piece of content of the page requires the user to be logged in, but the main content does not, would you redirect the user to the login page only because of that single 403 response?

    It all comes down to the way errors are handled on the client side. You know that something is off with the server (or endpoint) if you receive a response with a code different from 200, but you still need to check the payload for the actual response status code and handle all of the error cases individually per request. That is what we settled on: automatic minimal ‘catch-all’ error handling for the actual HTTP response codes, and then individual error handling per request for the response codes in the response payload.
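A client-side implementation of the two-stage handling this reply describes, as an added example that is not code from the plugin or from either poster. The sample body is the one quoted in the opening post (received with HTTP 200); the set of auth error codes and the `shouldRedirectToLogin` rule are assumptions.

```javascript
// Added example: stage 1 is a minimal catch-all on the HTTP status, stage 2
// inspects the plugin's JSON envelope, where the real status lives. A naive
// client that only checks `response.ok` would treat an expired token as success.

// Constructed sample: the body from the opening post, delivered with HTTP 200.
const SAMPLE_EXPIRED = {
  httpStatus: 200,
  body: '{"success":false,"statusCode":403,"code":"jwt_auth_invalid_token","message":"Expired token","data":[]}',
};

// Assumed list of plugin error codes that mean "the caller is not authenticated".
const AUTH_CODES = new Set(['jwt_auth_invalid_token']);

function classifyResponse(httpStatus, rawBody) {
  // Stage 1: catch-all on the transport-level status.
  if (httpStatus >= 500) return { kind: 'server_error', status: httpStatus };
  if (httpStatus === 401 || httpStatus === 403) return { kind: 'auth_error', status: httpStatus };
  if (httpStatus !== 200) return { kind: 'http_error', status: httpStatus };

  // Stage 2: HTTP 200 only means the endpoint answered; read the envelope.
  let body;
  try { body = JSON.parse(rawBody); } catch (e) { return { kind: 'malformed', status: httpStatus }; }
  if (body.success === true) return { kind: 'ok', status: 200, data: body.data };

  const code = Number(body.statusCode);
  if (AUTH_CODES.has(body.code) || code === 401 || code === 403) {
    return { kind: 'auth_error', status: code, code: body.code, message: body.message };
  }
  if (code === 404) return { kind: 'not_found', status: 404, message: body.message };
  return { kind: 'app_error', status: Number.isFinite(code) ? code : 200, code: body.code };
}

// Per-request decision (assumed rule): only an auth failure on the main content
// sends the user to the login page; a failing sidebar call is just left empty.
function shouldRedirectToLogin(result, isMainContent) {
  return result.kind === 'auth_error' && isMainContent;
}

// Stand-alone demo of the sample above.
const sample = classifyResponse(SAMPLE_EXPIRED.httpStatus, SAMPLE_EXPIRED.body);
console.log(sample.kind, sample.status, sample.code); // auth_error 403 jwt_auth_invalid_token
console.log('redirect (main):', shouldRedirectToLogin(sample, true));   // true
console.log('redirect (sidebar):', shouldRedirectToLogin(sample, false)); // false
```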
