I have been trying to read up on this REST stuff that everyone is
talking about. It all seems very nice, but I can't seem to handle
user sessions and still have pretty URLs. Perhaps someone here has a
As far as I can see, rails sessions breaks REST since the session the
cookie refers to state located on the server. Another way to handle
sessions would be to make them a resource and then refer to a session
in the URL. Something like:
This is in my opinion not as nice as the same URL with no session id
suffix. My main gripe with session ids in the URL is that the URL isn't
bookmarkable in the same way as a URL without a session id. It might
also be confusing for the end user if he wants to share an URL with a
friend. Come to think of it, it might also be a security hole if a user
decides to share an URL with a friend.
What is this group's take on REST and sessions? I have just recently
started to read about REST so I might have missed something important.
In that case maybe someone here can point me to some right direction.