restful-authentication

问题 I'm making REST API for my JS driven app. During login, the login form is submitted via AJAX to url /rest/login of my API. If the login is succesful, it returns 204 If it fails, it returns 401 While I have separated firewalls for the API and the app itself, they share the same context which should mean, that when user authenticates against the API, he's authenticated against the app too. So, when the server returns 204, page will reload and it should redirect user to the app, because he's now

问题 Closed . This question is opinion-based. It is not currently accepting answers. Want to improve this question? Update the question so it can be answered with facts and citations by editing this post. Closed 2 years ago . Along with half of the web developer community, I've been struggling to really and truly grok the REST style. More specifically, I've been trying to form some opinions on how practical a pure RESTful architecture really is between a web browser and an application server. As

问题 I've created a learning application using Bort, which is a base app that includes Restful Authentication and RSpec. I've got it up and running and added a new object that requires users to be logged in before they can do anything( before_filter :login_required in the controller). [edit: I should also mention that the user has_many of the new class and only the user should be able to see it.] I've created the new model/controller using Rspec's generators which have created a number of default

问题 I am having some difficulties POSTing a json object to an API that uses REST. I am new to using cURL, but I have searched all over to try to find an answer to my problem but have come up short. My cURL request is always returning false. I know it isn't even posting my json object because I would still get a response from the url. My code is below. <?php //API KEY = APIUsername //API_CODE = APIPassword $API_Key = "some API key"; $API_Code = "some API code"; $API_email = "email@email.com"; $API

问题 I'm implementing a RESTful web service using ASP.Net Web Api. I have concluded to use Basic authentication + SSL to do the authentication part. What is the best/correct way to implement that? My first attempt was to do it manually, parsing the Authorization header, decoding and verifying the user against my database. It works, but I wonder if I am missing something. I've seen some solutions using user roles and principals. While I'm not sure what these actually do, I'm almost sure I will not

问题 A similar question is posted here: What's an appropriate HTTP status code to return by a REST API service for a validation failure? The answer in the thread above states that "For instance if the URI is supposed to have an ISO-8601 date and you find that it's in the wrong format or refers to February 31st, then you would return an HTTP 400. Ditto if you expect well-formed XML in an entity body and it fails to parse." However, what happens if the user submitted correctly formatted data? By

问题 I am beginning to believe I am a grossly incompetent programmer. After a lot of reading, I still cannot figure out how to cleanly implement an authentication mechanism for a RESTful WCF Service. I have tried everything: Following this guide, only to find out that the proposed authentication mechanism is a ugly hack. Installing the WCF REST Starter Kit, only to find out it is obsolete and has been replaced with another project template. Install said project template, only to find out it does

问题 I am using node with express + mongoose and trying to use passport.js with restful api. I keep getting this exception after authentication success (I see the callback url on the browser): /Users/naorye/dev/naorye/myproj/node_modules/mongoose/lib/utils.js:419 throw err; ^ Error: passport.initialize() middleware not in use at IncomingMessage.req.login.req.logIn (/Users/naorye/dev/naorye/myproj/node_modules/passport/lib/passport/http/request.js:30:30) at Context.module.exports.delegate.success (

问题 I have already installed mediawiki , but I want to make users authenticate from external authentication form.When they enter the right username and password , they are redirected to the wiki page and do not need to retype the Login data again , and hence they can go to edit the wiki the way they want.How can I achieve that? 回答1: Use the mediawiki API with action=login . See http://en.wikipedia.org/w/api.php 回答2: If you have external authentication service that provides web authenticaion

问题 We try to substitute an existing Spring Security Basic Login for a REST-API in an Open Source Application to achieve a custom login with a token. I read this blogpost about the topic: http://javattitude.com/2014/06/07/spring-security-custom-token-based-rest-authentication/ When the request has no header named "Cookie", I get correcty a 401 - unauthorized response (expected behaviour). When the request has a valid token, I get an infinite loop causing a java.lang.StackOverflowError : Exception