1

My question is: what is good practice for choosing the right mapping types for login, logout and register endpoints in my situation (described below)?

I am writing a project with the following technology stack:

  • MySQL (Hibernate ORM)
  • Spring Boot (with REST controllers: RESTful API)
  • AngularJS (view technology)
  • Spring Security with JWT tokens

My authentication controller has the following endpoints:

  • register - if a user with the given username doesn't exist, then register the user with the given credentials, set the authentication in the authentication manager, return a JWT authentication token in the header of the HTTP response, return HTTP status OK, otherwise (user already exists) 409 Conflict
  • login - if the login credentials are correct, then set the authentication in the authentication manager, return a JWT authentication token in the header of the HTTP response, return HTTP status OK, otherwise 401 Unauthorized
  • logout - if a user with the given credentials is registered in the authentication manager, then remove it from there, return HTTP status OK, otherwise 205 No content

For the register endpoint I know that I should use POST mapping, but for login and logout I believe that I should not use GET mapping, as they are making changes in the authentication manager.

aydinugur
haykart

1 Answer

0

A little late to the party, but in case someone gets here...

For login and logout you should use POST.

GET was the way to go years ago, but nowadays the convention is to use POST.

See this answer and read the comments

Matías Cánepa
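A sketch of the login and logout endpoints from the question, mapped with POST as the answer recommends. It is an added example, not code from either poster. The `/auth` base path, the `TokenService` interface and the `Credentials` record are assumptions made for illustration, and the record syntax needs Java 16 or later.

```java
import org.springframework.http.*;
import org.springframework.security.authentication.*;
import org.springframework.security.core.*;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.bind.annotation.*;

@RestController
@RequestMapping("/auth") // assumed base path
public class AuthController {

    // Hypothetical helper that signs a JWT for an authenticated user.
    public interface TokenService { String issue(Authentication auth); }

    // Credentials arrive in the POST body, so they never appear in the URL.
    public record Credentials(String username, String password) {}

    private final AuthenticationManager authenticationManager;
    private final TokenService tokens;

    public AuthController(AuthenticationManager authenticationManager, TokenService tokens) {
        this.authenticationManager = authenticationManager;
        this.tokens = tokens;
    }

    @PostMapping("/login")
    public ResponseEntity<Void> login(@RequestBody Credentials c) {
        try {
            Authentication auth = authenticationManager.authenticate(
                    new UsernamePasswordAuthenticationToken(c.username(), c.password()));
            SecurityContextHolder.getContext().setAuthentication(auth);
            return ResponseEntity.ok()
                    .header(HttpHeaders.AUTHORIZATION, "Bearer " + tokens.issue(auth))
                    .build();
        } catch (AuthenticationException e) {
            return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); // 401
        }
    }

    @PostMapping("/logout")
    public ResponseEntity<Void> logout() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        if (auth == null || auth instanceof AnonymousAuthenticationToken) {
            // Nobody is logged in: return the 205 status the question specifies.
            return ResponseEntity.status(HttpStatus.RESET_CONTENT).build();
        }
        SecurityContextHolder.clearContext();
        return ResponseEntity.ok().build();
    }
}
```

Because both handlers use `@PostMapping`, a GET request to either path is rejected with 405 Method Not Allowed instead of changing authentication state.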