问题
I am using Rails as my server of an iOS application. Currently, from the App, it launches an URL request for a web page from the server to get the data. My question is, how can I guarantee that only my App can access the server, one can't get anything from the clients/apps/browsers from my server?
回答1:
I don't use Rails for my Server, i use PHP. But I think the approach is the same. Add a sort of a key to your Request. I do it always as a POST value. Hardcode this key in your application. In PHP I do the following on my server in the first line of the scripts:
if ($_POST['secret'] != "YOUR_KEY") {
die('You are not allowed to use this Webservice.');
}
Instead of YOUR_KEY I use strings as "UKZ6b79MKHK" and so on... So far it worked for my stuff. ;-) I hope my answer hepls you even if it's not Rails.
Sandro Meier
来源:https://stackoverflow.com/questions/6082240/how-to-verify-the-identity-of-the-client-from-the-server