[FIXED] Which HTTP response should I return if email (or something else) exist?

Issue

In symfony api REST,

For now I do:

//mail exist:
$this->json("", Response::HTTP_OK) //200

//mail does not exist:
$this->json("", Response::HTTP_BAD_REQUEST) //400

but I'm wondering if it's not better to do:

$this->json("email exist", Response::HTTP_OK) //200
$this->json("email does not exist", Response::HTTP_OK) //200

Solution

I'm wondering if it's not better to do:

$this->json("email exist", Response::HTTP_OK) //200
$this->json("email does not exist", Response::HTTP_OK) //200

It certainly can be.

Status codes are meta data in the transfer of documents over a network domain. They are there for general purpose components (web browsers, caches) to use to identify the semantics of the HTTP response.

200 OK, in response to a GET request, tells us that the web server was able to find a copy of the document you asked for, and a copy of that document is included in the payload of the response.

It says nothing about whether the meaning of that document, in your business domain, is good news or bad news. You asked for the document, here is a current copy.

Imagine, if you will, that your web content included a text file with the contents

email does not exist

What status code do you use when somebody asks for a copy of that text file? 200, of course - we're able to respond with a copy of the document that they asked for, and the right way to signal that in the transfer of documents over a network domain is with an OK status.

The status code we use doesn't change just because the underlying implementation details change - pulling the copy of the file out of the file system, pulling the copy of the file out of a database, pulling some parameters out of a database and using them to generate a copy of the file are all implementation details, which we deliberately hide behind the web server facade.

---

Expressed another way: HTTP doesn't offer firm guidelines on what your resource model should be; it only defines the semantics of the messages we use to share information about the resource model

GET /documents?email=abuse@example.org

It's up to you what resource that request target identifies, whether it has a current representation under the present conditions, and so on. So you can really send back anything you want - then choose the status code that matches the semantics of your response message

---

BUT...

There are a number of cases where people have made assumptions that the status codes are a reflection of the business semantics; so you may have to compromise what you think is the "ideal" in order to get interop with other components.

One example is a "health check". If I ask for a document describing the health of the server, and the server is able to provide me a current copy of that document, the status code should be 200. BUT, if you look at the documentation for Consul, you'll find

The status of the service depends on the HTTP response code: any 2xx code is considered passing, a 429 Too ManyRequests is a warning, and anything else is a failure.

They ask you to lift the meaning of the document into the transfer of documents over a network metadata, which isn't really The Right Thing[tm] (a standardized representation or a link relation would be more appropriate).

That said, if you are willing to play by their rules, it works, and doing it their way saves you the work of writing your own Consul implementation.

Answered By - VoiceOfUnreason