Hello, I need to develop an application which needs to authenticate user by verifying login name/password for both web access and api. I need the same controller to cater to both web and api. I can put the before_filter for the controller to make sure that user is logged-in and user_id is in session. But how do I design the controller that if the request comes as a rest web service request then before filter should not check session for logged user but should authenticate with login/password passed as parameters with request and then should go ahead whichever way the request came to controller. I would really appreciate any code samples/links to sites which explain how to do that. Thanks.
on 2013-11-22 01:12
on 2013-11-22 22:00
On Nov 21, 2013, at 4:12 PM, renu mehta <firstname.lastname@example.org> wrote: > ahead whichever way the request came to controller. > > I would really appreciate any code samples/links to sites which explain > how to do that. > > Thanks. So I havent personally implemented such a thing, but Ive used such things. AWS API requests do this thing where you establish a connection using the two keys (access and secret) and get a token to use for the rest of your API accesses (Im pretty sure this times out eventually). Im sure you could work something similar to that using the user/pw?
on 2013-11-22 22:28
Basically, I want to know how to implement different authentication checks for different request paths - from browser or from api.