Using incremental IDs or UUIDs?

Using incremental IDs or UUIDs?

tom

Creator of StickerRun®
Community Team
Local time
16:50
Joined
Oct 13, 2019
Messages
258

Hello everybody!

I need your help for this question: Should I use UUIDs right away for internal relations and POST parameters sent from and returned to the frontend or should I stay with incremental IDs?
I know the whole passing incremental IDs is bad but I'm not sure if I should do all the work to switch from incremental IDs (which is out of the box) to UUIDs.

I'm looking forward to your answers.

Thank you very much and have a blessed day!

 

Gummibeer

Astroneer
Moderator
Local time
16:50
Joined
Oct 5, 2019
Messages
1,167
Pronouns
he/him

Incremental IDs. If you want to prevent the simple URL/parameter manipulation by incrementing I would use a "token/uuid" field as a second unique column.
Because I know you use Laravel you can use this:

PHP:
Route::model('shooting', Shooting::class, function ($token) {
    return Shooting::byToken($token)->firstOrFail();
});
Route::pattern('shooting', '[a-z0-9]+');
In your RouteServiceProvider or customize the route model resolving by any other method Routing - Laravel - The PHP Framework For Web Artisans

But I would never go for UUIDs in a relation DB as PK.

 

frood

Member
Local time
16:50
Joined
Oct 13, 2019
Messages
31

In my mind, you shouldn't be able to get access to any information that you're not supposed to get by guessing either incremental ID or UUIID. So I think using incremental ID keeps you on your toes: instead of just assuming nobody will guess an UUID, you simply start with the case of it being known, and then make that secure.

I'm no expert, but this has been my reasoning so far. Like Gummibeer said, if I needed something else, I'd probably add another column. Like users might have a simple increment int ID internally, but an UUID publically.

 

tom

Creator of StickerRun®
Community Team
Local time
16:50
Joined
Oct 13, 2019
Messages
258

Thank you very much for your input. Having an UUID column in addition to the internal incremental ID sounds like a good plan. I'll go for this.

 
Top