views:

314

answers:

5

Which is better (for the user, for longevity, for performance, for whatever) to have:

http://{site}/{login} e.g. http://wildobs.com/adam_jack

or

http://{site}/user/{login}

Pros of former:

  • User feels more special.
  • URLs are shorter.

Cons of former:

  • Cannot have users w/ logins matching keywords, and keywords likely grow over time.

Clearly this is important to get right (or get wrong and stick to) since all user define URLs are based off it. Changing it would seem site suicide.

Do the cons (especially over time) outweigh the pros?

A: 

Personally I'd go for /user/{login}

Using /{login} feels too much like cluttering up the global namespace, and we all know globals are bad ;)

Greg
+6  A: 

I would say the cons outweigh the pros, so go with /user/login over /login. Consider stackoverflow, since it's MVC as well: I think it's easier to program knowing that everything in /user/blah will always refer to a user, whereas if you don't do this you'll have to consider every possibility.

For example, in site/foo, foo could be a username, admin page, or some other keyword. It's much easier to deal with if you properly segment everything all out so you know if you see site/user/foo it's always a user named foo.

Chris Bunch
+6  A: 

You might consider a third option:

Delimiting users with a single character, instead of a directory, as in unix.

http://site/~username

This can even result in a modrewrite to /user/username if that's more convenient.

Then you have short names, it's easy to deal with, and none of your regular pages will use that special character.

Adam Davis
+2  A: 

There is a very important problem with allowing users to create arbitrary names in the webserver root (as they could by chosing their own login if you use /{login} instead of /user/{login}): some names have special magic meanings, and these meanings are defined by third parties. For instance:

  • robots.txt, also known as the "Robots exclusion standard", followed by all well-behaved search engines.
  • favicon.ico, which started as an Internet Explorer standard and later was adopted by several other browsers.
  • Some websites (at least Google and IIRC Yahoo) use the fact that you can create a specially named file in the webserver root as proof that you are the site's webmaster and thus allow you access to some extra features (like Google Webmaster Tools).

There are several others; I have heard of sitemaps and files allowing extra cross-domain access, but there is no way I (or anyone else) can know all of them.

CesarB
A: 

From a RESTful MVC, the last time I checked the example from Restful Authentication plugin is the session create pattern. So instead of loging in a user, you're creating a session for the user. In that case the GET http://{site}/session/new whould show the login screen and POST http://{site}/session with the correct params would log the user in if authentication is successful.

Then, if you want to, can create a new route for http://{site}/login that would redirect to http://{site}/session/new. Similarly DELETE http://{site}/session would log you out.

Cem Catikkas