Re: [Rails] Authentication for both web & api

On Nov 21, 2013, at 4:12 PM, renu mehta <lists@ruby-forum.com> wrote:

> Hello,
>
> I need to develop an application which needs to authenticate user by
> verifying login name/password for both web access and api. I need the
> same controller to cater to both web and api. I can put the
> before_filter for the controller to make sure that user is logged-in and
> user_id is in session. But how do I design the controller that if the
> request comes as a rest web service request then before filter should
> not check session for logged user but should authenticate with
> login/password passed as parameters with request and then should go
> ahead whichever way the request came to controller.
>
> I would really appreciate any code samples/links to sites which explain
> how to do that.
>
> Thanks.

So I haven't personally implemented such a thing, but I've used such things. AWS API requests do this thing where you establish a connection using the two keys (access and secret) and get a token to use for the rest of your API accesses (I'm pretty sure this times out eventually). I'm sure you could work something similar to that using the user/pw?

--
You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rubyonrails-talk+unsubscribe@googlegroups.com.
To post to this group, send email to rubyonrails-talk@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/rubyonrails-talk/D8C1B9A8-83A6-4BEE-8D92-C0231F08A806%40gmail.com.
For more options, visit https://groups.google.com/groups/opt_out.