I’m working on a project with a Rails API that generates session tokens and allows use of a
current_user method. My question is about RESTful nested routes.
Let’s say I have models
Observation, and a user
has_many observations. I want to be able to return all of the observations related to a particular user. This is how I was thinking to set up the routes:
resources :users do resources :observations, only: [:index] end
This gives me the following route (everything is in an
My question is, if the API requires generating a session to “log in” and the
current_user method is available, should I have routes like this that require a
:user_id to be used by someone who has already signed in? If they’re logged in, the user object is already available with
current_user. Rather than
User.find_by(:user_id).observations in the controller, I could just do
However, the URL structure above seems more RESTful. If the URL were just
api/observations/, that would seem to imply that the response should include all observations. But really, in the application domain there is no concept/need to return a list of all observations of all users.
Hopefully this makes sense. Thanks in advance if anyone has any thoughts!