Why is the likeDislike a GET method. Should it not be a put or update? Similarly, the comment API looks like a PUT/Update. The comment string is expected to be put/updated.
When we want to hide data from users then we use the POST method for the request if we want to pass data like a user authentication token then we will use the POST/PUT/PATCH method for the request but as you can see in the lesson we are just passing user id and video id in the request so it is not necessary to use PUT/PATCH method so GET request is used to like or dislike.
But isnt GET supposed to retrieve data from the user’s intention point of view? Database updates can happen but they are not asked by the user explicitly like metrics update, tracking,etc.
However put/post is specifically for updates, security feature comes secondary.
I agree with the author of this post since GET should be idempotent, and not expected to update the state of backend.