How can I implement authentication in my API?

I’m developing an API for my site, and I’m wondering how I can make it
so requests require basic access authentication (like in Twitter’s API
for example)? I’m using restful-authentication on Rails 2.3.2. Thanks!

Andrew wrote:

I’m developing an API for my site, and I’m wondering how I can make it
so requests require basic access authentication (like in Twitter’s API
for example)?
[…]

I’m no expert on this, but perhaps you want to use OAuth like Twitter
has done.

Best,

Marnen Laibow-Koser
http://www.marnen.org
[email protected]

There’s already support for basic auth in restful-authentication; it
only gets used by default for (off the top of my head) JSON and XML
formatted requests. The support is pretty simple - take a look at (in
restful_auth) AuthenticatedSystem#access_denied, and also the core
docs for ActionController::HttpAuthentication.

–Matt J.

Thanks Matt, that’s exactly what I was looking for.

Can you post your code how you fixed it please!
I am using also restful authentication and want to provide basic
authenticaton for xml!

Thank you

Wouter

def authenticate
@current_user = authenticate_or_request_with_http_basic { |u, p|
User.authenticate(u, p) }
end

Use as a before filter.

But with this code i have to authenticate every time when i try to
access the website…

I have this code for authenticate:

def authenticate
case request.format
when Mime::XML, Mime::ATOM
if self.user = authenticate_or_request_with_http_basic { |u,
p| User.authenticate(u, p) }
@current_user = user
else
request_http_basic_authentication
end
else
user = User.find_by_remember_token(cookies[:auth_token])
end
end

But when i try to access an xml resource i get the authentication
dialog and i get a page with error (ouldn’t find Profile without an
ID)
and when i refresh i get the right xml page… How can i fix this… My
authentication doesnt work because of this on android!

Thank you

But with this code i have to authenticate every time when i try to
access the website…

I have this code for authenticate:

def authenticate
case request.format
when Mime::XML, Mime::ATOM
if self.user = authenticate_or_request_with_http_basic { |u,
p| User.authenticate(u, p) }
@current_user = user
else
request_http_basic_authentication
end
else
user = User.find_by_remember_token(cookies[:auth_token])
end
end

But when i try to access an xml resource i get the authentication
dialog and i get a page with error (ouldn’t find Profile without an
ID)
and when i refresh i get the right xml page… How can i fix this… My
authentication doesnt work because of this on android!

Thank you

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs