Which HTTP status code is correct for Subscription cancel exception?


Question


Which HTTP status code is correct for Subscription Canceled exception?

I need to throw an exception when the user tries to access a certain page.

I checked a few statuses like Payment Required, but it's not satisfying the requirement. Any suggestion?

Answer 1

Score: 6


> Which HTTP status code is correct for Subscription cancel exception?

HTTP status codes belong to the transfer documents over a network domain.

So the specifics of what is going on in your domain don't particularly matter - the idea is to understand the error condition in terms of document transfer, and work from there.

In this case, the best fit is likely 403 Forbidden.

> The 403 (Forbidden) status code indicates that the server understood the request but refuses to authorize it. A server that wishes to make public why the request has been forbidden can describe that reason in the response payload (if any).

It may help to imagine how this example would play out on a web site. For the human user, you would return a bunch of HTML explaining that their subscription had been cancelled, perhaps with links to resources that would allow the user to re-subscribe, and so on.

For the browser, you would have the HTTP meta data, including the status code, so that the browser would understand the general purpose semantics of the message (for instance, should earlier representations of the resource be invalidated in the cache).

> it's an API request from front-end.

This doesn't really enter into the discussion; the motivation for the uniform interface is that we can swap out the implementations at either end of the conversation and the semantics of the self descriptive messages don't change.

Answer 2

Score: 1


I would say that the correct response code is:

> 401 Unauthorized

Since by definition the user cancelled his subscription and can no longer access paid content, the user is Unauthorized for that.
In other words, the user is Authenticated but Unauthorized to do this request.

Answer 3

Score: 1


I'd like to offer an alternative solution. 403 errors make a lot of sense here, as access is denied for a resource. However, this could be difficult to handle in the front-end, because it's indiscernible from a 403 error caused by lacking permissions or roles. A 402 error is non-standard, but "Payment Required" would be easier to program around. If using a non-standard HTTP code is allowed, I believe this to be a more suitable status to return from an API based on a cancelled subscription, or a lack of a valid subscription in general.
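
Added example, not part of any answer above: a Python sketch of the approach the answers discuss, returning 403 with a machine-readable reason in the payload (RFC 9457 `application/problem+json`) so a front-end can tell a cancelled subscription from a missing role, with 401 reserved for requests without valid credentials. The problem-type URIs, the shape of the `user` dict and the function names are assumptions made for this example.

```python
import json
from http import HTTPStatus

# Hypothetical problem-type URIs, constructed for this example.
SUBSCRIPTION_CANCELLED = "https://api.example.com/problems/subscription-cancelled"
MISSING_ROLE = "https://api.example.com/problems/missing-role"


def problem(status, type_uri, extra_headers=None):
    """Build (status, headers, body) with an RFC 9457 problem+json payload."""
    body = json.dumps({"type": type_uri, "title": status.phrase,
                       "status": status.value}).encode()
    headers = {"Content-Type": "application/problem+json"}
    headers.update(extra_headers or {})
    return status.value, headers, body


def authorize(user, required_role):
    """Decide the response for a request to paid content.

    `user` is None when no valid credentials were sent; otherwise a dict
    with "roles" and "subscription" keys (shape assumed for this example).
    """
    if user is None:
        # Not authenticated: 401 carries a WWW-Authenticate challenge.
        return problem(HTTPStatus.UNAUTHORIZED, "about:blank",
                       {"WWW-Authenticate": 'Bearer realm="api"'})
    if required_role not in user["roles"]:
        return problem(HTTPStatus.FORBIDDEN, MISSING_ROLE)
    if user["subscription"] != "active":
        # Authenticated, but the server refuses: same 403, different reason.
        return problem(HTTPStatus.FORBIDDEN, SUBSCRIPTION_CANCELLED)
    return HTTPStatus.OK.value, {}, b""


def client_action(status, headers, body):
    """Front-end side: branch on the status first, then on the problem type."""
    if status == 401:
        return "login"
    if status == 403:
        reason = None
        if headers.get("Content-Type") == "application/problem+json":
            reason = json.loads(body).get("type")
        return "resubscribe" if reason == SUBSCRIPTION_CANCELLED else "access-denied"
    return "ok" if status == 200 else "error"
```

The status code stays generic for caches and intermediaries, while the `type` member gives the client a stable value to branch on.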

huangapple
  • Posted on August 4, 2020 at 19:53:26
  • When reposting, please keep the link to this article: https://go.coder-hub.com/63246325.html