Rest Session Managment

Hey everybody,

I want to built a new feature for my REST application and don't really know how or where to start. The user should be able to access data in diffrent databases. Should I implement a kind of session managment which saves the name of the database. So I only change the connection when the user wants data from a diffrent database or should I implent it inside the URI like /api/database/.../... ? At the moment I'm working with a Micro setup + collections.



you can use cookies to access data from your application but I'm not sure about security

edited May '15

the client application can be an android app as well... so I think cookies won't work

another idea:

just send the database behind the normal URI /api/search/id+database

I use token for authentication.


HMAC is work for me, but php-hmac-rest-api have a lot of magic. I like KISS and I rewrite it in phalcon way.