Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
I
I
Ivan Pavlenko2018-09-14 10:00:56
RESTful API
Ivan Pavlenko, 2018-09-14 10:00:56

Authentication via REST API by direct request?

I decided to try RestAPI in PHP.
The framework chose lemonade.
I'm trying to put together a simple authentication system.
The request looks something like this 127.0.0.1/uchet/api/v1.0/auth/ivan/123
I'm confused by passing the password to the URL, is this allowed at all, can it be somehow different?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
I
Ivan Shumov, 2018-09-14
@inoise

Use JWT, just remember that this is not authentication, but just a token format that provides a certain level of trust. And not in get query string, but headers.
Especially for those who advise POST - read what REST Verbs are, why they are needed and about caching. Caching GET is critical for the API, if you use POST to get data, and not to write, it is no longer REST.

Report
A
Artem, 2018-09-14
@ulkoart

Is this allowed at all - of course not !!!
upd:
POST with pass in auth url, token in response, then it in headers

Similar questions
A
Askhat Bikmetov2015-04-06 12:12:51
How to write to the database inside the background worker? 2Reply
N
NEO not chosen2019-09-06 14:55:23
How to notify about the status of a certain process through RestAPI? 2Reply
N
nuclear_kote2017-04-12 19:03:34
How to send sse from jersey to a specific client? 0Reply
R
ReNoM2017-04-19 15:11:04
Is it possible to manually set the values ​​of the fields of the created model using yii\rest\CreateAction? 0Reply
L
lexstile2021-04-07 18:08:34
What happens if you do not encode data in JSON? 0Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question