diff --git a/core/modules/rest/src/Plugin/ResourceBase.php b/core/modules/rest/src/Plugin/ResourceBase.php
index 2038fa9..10cdd46 100644
--- a/core/modules/rest/src/Plugin/ResourceBase.php
+++ b/core/modules/rest/src/Plugin/ResourceBase.php
@@ -43,11 +43,6 @@
   protected $logger;
 
   /**
-   * @var \Drupal\Core\Config\ImmutableConfig
-   */
-  protected $flood;
-
-  /**
    * Constructs a Drupal\rest\Plugin\ResourceBase object.
    *
    * @param array $configuration
@@ -60,14 +55,11 @@
    *   The available serialization formats.
    * @param \Psr\Log\LoggerInterface $logger
    *   A logger instance.
-   * @param \Drupal\Core\Flood\FloodInterface $flood
-   *   The flood control mechanism.
    */
-  public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $logger, FloodInterface $flood) {
+  public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $logger) {
     parent::__construct($configuration, $plugin_id, $plugin_definition);
     $this->serializerFormats = $serializer_formats;
     $this->logger = $logger;
-    $this->flood = $flood;
   }
 
   /**
@@ -79,8 +71,7 @@ public static function create(ContainerInterface $container, array $configuratio
       $plugin_id,
       $plugin_definition,
       $container->getParameter('serializer.formats'),
-      $container->get('logger.factory')->get('rest'),
-      $container->get('flood')
+      $container->get('logger.factory')->get('rest')
     );
   }
 
@@ -224,21 +215,4 @@ protected function getBaseRoute($canonical_path, $method) {
     return $route;
   }
 
-  /**
-   * Checks for flooding.
-   *
-   * @param \Drupal\Core\Config\ImmutableConfig $config
-   * @param $name
-   * @return bool
-   */
-  protected function restFloodControl($config, $name) {
-    $limit = $config->get('user_limit');
-    $interval = $config->get('user_window');
-    if (!$this->flood->isAllowed($name, $limit, $interval)) {
-      return TRUE;
-    }
-    return FALSE;
-  }
-
-
 }
diff --git a/core/modules/rest/src/Plugin/rest/resource/UserLoginResource.php b/core/modules/rest/src/Plugin/rest/resource/UserLoginResource.php
index 4966ed1..842d878 100644
--- a/core/modules/rest/src/Plugin/rest/resource/UserLoginResource.php
+++ b/core/modules/rest/src/Plugin/rest/resource/UserLoginResource.php
@@ -35,6 +35,11 @@ class UserLoginResource extends ResourceBase {
   protected $configFactory;
 
   /**
+   * @var \Drupal\Core\Config\ImmutableConfig
+   */
+  protected $flood;
+
+  /**
    * Constructs a new RestPermissions instance.
    *
    * @param array $configuration
@@ -49,10 +54,13 @@ class UserLoginResource extends ResourceBase {
    *   A logger instance.
    * @param \Drupal\Core\Config\ConfigFactoryInterface $config_factory
    *   The config factory.
+   * @param \Drupal\Core\Flood\FloodInterface $flood
+   *   The flood control mechanism.
    */
-  public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $loggery, ConfigFactoryInterface $config_factory, FloodInterface $flood) {
-    parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $loggery, $flood);
+  public function __construct(array $configuration, $plugin_id, $plugin_definition, array $serializer_formats, LoggerInterface $logger, ConfigFactoryInterface $config_factory, FloodInterface $flood) {
+    parent::__construct($configuration, $plugin_id, $plugin_definition, $serializer_formats, $logger, $flood);
     $this->configFactory = $config_factory;
+    $this->flood = $flood;
   }
 
   /**
@@ -125,9 +133,6 @@ public function post(array $operation = array()) {
    *   The HTTP response object
    */
   protected function login(array $credentials = array()) {
-    if ($this->userIsAuthenticated()) {
-      throw new BadRequestHttpException('You need to logout first.');
-    }
 
     if (empty($credentials)) {
       throw new BadRequestHttpException('Missing credentials.');
@@ -163,10 +168,6 @@ protected function login(array $credentials = array()) {
     throw new BadRequestHttpException('Sorry, unrecognized username or password.');
   }
 
-  protected function userIsAuthenticated() {
-    return \Drupal::currentUser()->isAuthenticated();
-
-  }
   protected function status() {
     if (\Drupal::currentUser()->isAuthenticated()) {
       return new ResourceResponse('You are logged in.', 200, array());
@@ -180,10 +181,6 @@ protected function status() {
    * @return ResourceResponse
    */
   protected function logout() {
-    if (!\Drupal::currentUser()->isAuthenticated()) {
-      throw new BadRequestHttpException('You cannot logout as you are not logged in.');
-    }
-
     user_logout();
     return new ResourceResponse('You are logged out.', 200, array());
   }
@@ -198,4 +195,20 @@ protected function userIsBlocked($name) {
     return user_is_blocked($name);
   }
 
+  /**
+   * Checks for flooding.
+   *
+   * @param \Drupal\Core\Config\ImmutableConfig $config
+   * @param $name
+   * @return bool
+   */
+  protected function restFloodControl($config, $name) {
+    $limit = $config->get('user_limit');
+    $interval = $config->get('user_window');
+    if (!$this->flood->isAllowed($name, $limit, $interval)) {
+      return TRUE;
+    }
+    return FALSE;
+  }
+
 }
diff --git a/core/modules/rest/src/RequestHandler.php b/core/modules/rest/src/RequestHandler.php
index 801e0cd..7f56450 100644
--- a/core/modules/rest/src/RequestHandler.php
+++ b/core/modules/rest/src/RequestHandler.php
@@ -60,12 +60,12 @@ public function handle(RouteMatchInterface $route_match, Request $request) {
       $method_settings = $config[$plugin][$request->getMethod()];
       if (empty($method_settings['supported_formats']) || in_array($format, $method_settings['supported_formats'])) {
         $definition = $resource->getPluginDefinition();
-        $class = isset($definition['serialization_class']) ? $definition['serialization_class'] : NULL;
         try {
-          if ($class) {
-            $unserialized = $serializer->deserialize($received, $class, $format, array('request_method' => $method));
+          if (array_key_exists('serialization_class', $definition)) {
+            $unserialized = $serializer->deserialize($received, $definition['serialization_class'], $format, array('request_method' => $method));
           }
-          // Avoid denormalization because we need to instantiate a class.
+          // If the plugin does not specify a serialization class just decode the received data.
+          // Example: received JSON is decoded into a PHP array.
           else {
             $unserialized = $serializer->decode($received, $format, array('request_method' => $method));
           }
diff --git a/core/modules/rest/src/Tests/UserTest.php b/core/modules/rest/src/Tests/UserLoginTest.php
similarity index 97%
rename from core/modules/rest/src/Tests/UserTest.php
rename to core/modules/rest/src/Tests/UserLoginTest.php
index 4c2d48a..f37a749 100644
--- a/core/modules/rest/src/Tests/UserTest.php
+++ b/core/modules/rest/src/Tests/UserLoginTest.php
@@ -2,19 +2,17 @@
 
 /**
  * @file
- * Contains Drupal\rest\test\AuthTest.
+ * Contains Drupal\rest\test\UserLoginTest.
  */
 
 namespace Drupal\rest\Tests;
 
-use Drupal\rest\Tests\RESTTestBase;
-
 /**
  * Tests REST user login.
  *
  * @group rest
  */
-class UserTest extends RESTTestBase {
+class UserLoginTest extends RESTTestBase {
 
   /**
    * Modules to install.