Question
Are DELETE
requests reversible?
Answer
DELETE
is not like the trash bin in our computer, it is more like tearing and burning a page from a book, it is not a reversible action after the request has been sent, but depending on the purpose of the delete we can make “fire checks”, what do I mean by that?
let’s say we are creating an API server for our own app, and we will allow our user to request the deletion of their account on a single click of a button. Now, we all know that mistakes happen and either if our cat walked over the keyboard or if we mistakenly click on top of the button, it will be a total tragedy to lose whatever information that single mistake can destroy. In those cases, we would commonly set a two-step process authorization, if the button gets clicked, there will be a pop-up requesting further confirmation from the user that it is indeed the course of action that they want to take.
Regular APIs do not have that functionality (commonly), because if the developer using it has gone through the trouble to write a request with a DELETE
method, ie:
fetch('http://localhost/expressions/3', {method: 'DELETE'});
then, they really want to delete that data, yet if we want to be very nice, or the type of data we are working with our API is sensitive or important, we could implement an internal two-step process in the function, like every time we receive a DELETE
request to our endpoint, it will make a GET
request for that data, and a POST
request to a deleted storage where we can keep it for, let’s say, 30 days, and after those 30 days simply process a DELETE
on that data. We could further let the user know that he has 30 days to recuperate the data if they needed to, and even further we can provide a save DELETE
endpoint and a regular one so people can choose between:
DELETE http://localhost:4001/expressions/safe/:id
or
DELETE http://localhost:4001/expressions/:id
it will also mean that internally we will handle it differently on each endpoint, for example safe will have few more steps:
something like
...
const expressionIndex = getIndexById(req.params.id, expressions);
//we give the object a date where we want it to expire
expressionIndex.deleteDueDay = new Date().setDate(new Date().getDate()+30);
//and push it in our storage of deleted items
deletedExpressionsArray.push(expressionIndex);
//then we can delete the object from our expressions array
...
It is up to us to provide this options, but it is not necessary, DELETE
is an irreversible request and is generally treated with care.