I had a scenario happen the past couple of weeks with an app of mine. The mobile app would do the following logic:
1. Send an HTTP POST call to the API. Response came back 200.
2. The client side app parsed the response.
3. Client side app marked the task as completed.

If step 1 or 2 fails, step 3 does not happen and the task will be retried.
Here is the problem. The client side app had a bug and step 2 always failed after step 1 was successful. The endpoint required you send in a body like this:
    {
      "name": "Sue",
      "game": {},
      "winner": "sue"
    }
As you can tell, there is nothing unique here. You can send this body as many times as you want and there is nothing telling the API that this data is a duplicate of another entry. Therefore, the client side app was calling the API 100 times a day and the API would insert a row into the DB 100 times. The API should have instead queried the DB, found a duplicate, and sent back a 200.
Each endpoint that pushes data to the DB should have a way to determine if data is a duplicate or not.
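One way to make the endpoint described above safe to retry, as an added example (not code from the original app). It assumes the client adds a hypothetical task_id field, generated once per task and reused on every retry, and it goes one step beyond "query, then insert" by letting a database uniqueness constraint decide, so concurrent retries cannot both insert:

```python
import hashlib
import json
import sqlite3

# Constructed schema: task_id is a hypothetical client-generated UUID, created
# once per task and sent unchanged on every retry of that task.
SCHEMA = """
CREATE TABLE results (
    task_id     TEXT PRIMARY KEY,
    body_sha256 TEXT NOT NULL,
    body        TEXT NOT NULL
)
"""

def open_db():
    db = sqlite3.connect(":memory:")
    db.execute(SCHEMA)
    return db

def handle_post(db, body):
    """Return (status, message) for one POST; safe to call repeatedly."""
    task_id = body.get("task_id")
    if not isinstance(task_id, str) or not task_id:
        return 400, "task_id is required"
    canonical = json.dumps(body, sort_keys=True, separators=(",", ":"))
    digest = hashlib.sha256(canonical.encode()).hexdigest()
    # The PRIMARY KEY makes the database the arbiter: a SELECT-then-INSERT
    # check can race between two retries, a uniqueness constraint cannot.
    with db:
        cur = db.execute(
            "INSERT OR IGNORE INTO results (task_id, body_sha256, body) "
            "VALUES (?, ?, ?)",
            (task_id, digest, canonical),
        )
    if cur.rowcount == 1:
        return 200, "created"
    stored = db.execute(
        "SELECT body_sha256 FROM results WHERE task_id = ?", (task_id,)
    ).fetchone()[0]
    if stored == digest:
        return 200, "duplicate ignored"  # retry of a request already stored
    # Same key, different payload: refuse instead of overwriting silently.
    return 409, "task_id already used with a different body"

def row_count(db):
    return db.execute("SELECT COUNT(*) FROM results").fetchone()[0]
```
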