I'm designing a game that makes use of websockets for realtime communication of game moves and chat between participants.
I also need clients to make metadata operations, such as:
My question is, should these operation be performed in the already existing websocket connection, or should I create REST API endpoints for them?
The advantage for using websockets is that it's already open, so it will be faster, and I have the user authentication already in place.
The advantage of using API is that all of these operations are very natural to request/response communication. I mean if I will need to implement it in websockets, that client will issue a request, and the response will come sometime in the future (maybe), and I will have to scan the stream of messages in the socket and assign each response to the corresponding request manually.
Any other points I should take into considerations, and what is your take on this?
REST as described in Roy Fielder's dissertation provides far more than request/response interactions. But most applications only implement the basic GET/PUT/POST/DELETE/OPTION HTTP verbs. Conceptually REST is not limited to being implemented over HTTP. Thus WebSockets can be used to implement similar protocol.
I presume you realize that WebSockets is effectively an implementation of TCP on top of HTTP. So in terms of networking infrastructure, there are situations were REST over HTTP caching/proxing mechanisms are more performant.
In my experience with REST over HTTP, CORS can be an issue if you are using multiple unrelated origins. Depends on your server as to how well you can handle them.