-
Notifications
You must be signed in to change notification settings - Fork 2
restful caching and XSRF
mkristian edited this page Oct 16, 2011
·
5 revisions
when the server receives a PUT or a POST request on single resource then it sends the new or changed resource back to the GWT client. with this restful caching can work on the client in a restful manner as such:
- POST will create a new resource and the result will be cached using the Location header as key for the cache
- GET uses the url as cache key to retrieve the cached data
- PUT uses the url as cache key to either store the result or when the response has a status CONFLICT it will delete the cache entry to allow the next get to retrieve the updated data
- DELETE uses the url as cache key to delete the cache entry
the CONFLICT status belongs to an optimistic persistence/transaction which can be scaffolded by adding --optimistic to the options (scaffold options)
the caching framework of restygwt allows to receive a XSRF token and sending it back on each request. to set up rails to handle that you need to add following to your app/controllers/application_controller.rb
private
after_filter :csrf
def csrf
response.header['X-CSRF-Token'] = form_authenticity_token if current_user
end
on the client side you need to pass all requests through one of the DispatcherSingletons
@Options(dispatcher = RestfulDispatcherSingleton.class)
public interface CountriesRestService extends RestService {
@GET @Path("/countries")
@Options(dispatcher = DefaultDispatcherSingleton.class)
void index(MethodCallback<List<Country>> callback);
@GET @Path("/countries/{id}")
void show(@PathParam("id") int id, MethodCallback<Country> callback);
@POST @Path("/countries")
void create(Country value, MethodCallback<Country> callback);
@PUT @Path("/countries/{id}")
void update(@PathParam("id") @Attribute("id") Country value, MethodCallback<Country> callback);
@DELETE @Path("/countries/{id}")
void destroy(@PathParam("id") @Attribute("id") Country value, MethodCallback<Void> callback);
}