How to ensure user authentication for REST requests?
How is the check of rights to create / read / change / delete achieved in requests to the site API? Also, if the request is made from the internal pages of the site, how do you ensure the security of the authentication data (for example, if this is done through an Ajax request using a user key)?
In my case, everything was implemented in the same way for XHR and regular HTTP requests; I don't see a fundamental difference.
When a username and password come from the client, we send the client a token. The client must send this token with each request in a special field (we sent it in the header called Authorization).
Use an equivalent of MD5-CRAM (two-cycle authentication).
Almost all hash functions are already available as JS libraries.
You can use parameter passing from any domain to yours via HTML5.
javascript.ru/ajax/cross-origin-2
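The token flow from the first answer (a token issued after login and sent back in the Authorization header), combined with the create / read / change / delete check the question asks about, as an added example that is not part of the original thread. The HMAC-signed token format, the `Bearer` prefix and the role names are assumptions made for illustration.

```javascript
// Added example: signed bearer token plus a per-method rights check (Node.js).
const crypto = require('crypto');

const SECRET = crypto.randomBytes(32); // server-side key, never sent to the client
const RIGHTS = new Map([               // hypothetical roles -> allowed actions
  ['admin', ['create', 'read', 'update', 'delete']],
  ['editor', ['create', 'read', 'update']],
  ['viewer', ['read']],
]);
const ACTION = { POST: 'create', GET: 'read', PUT: 'update', PATCH: 'update', DELETE: 'delete' };

const sign = (payload) =>
  crypto.createHmac('sha256', SECRET).update(payload).digest('hex');

// Called only after the username and password have been verified.
function issueToken(user, role, ttlSeconds, now = Date.now()) {
  const claims = JSON.stringify({ user, role, exp: now + ttlSeconds * 1000 });
  const payload = Buffer.from(claims).toString('base64');
  return `${payload}.${sign(payload)}`;
}

// Returns the claims of a valid, unexpired token, otherwise null.
function verifyToken(token, now = Date.now()) {
  const [payload, mac, extra] = String(token).split('.');
  if (!payload || !mac || extra !== undefined) return null;
  const expected = Buffer.from(sign(payload));
  const given = Buffer.from(mac);
  // Constant-time comparison; the length check avoids a throw on mismatch.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  try {
    const claims = JSON.parse(Buffer.from(payload, 'base64').toString('utf8'));
    return typeof claims.exp === 'number' && claims.exp > now ? claims : null;
  } catch (err) {
    return null;
  }
}

// Status for a request: 401 = not authenticated, 403 = no right, 200 = allowed.
// The same check applies to Ajax and regular requests.
function authorize(method, headers, now = Date.now()) {
  const match = /^Bearer (\S+)$/.exec(headers.authorization || '');
  const claims = match && verifyToken(match[1], now);
  if (!claims) return 401;
  const allowed = RIGHTS.get(claims.role) || [];
  return allowed.includes(ACTION[method]) ? 200 : 403;
}
```

The role is read from the signed token, never from a request parameter, so a client cannot raise its own rights by editing the payload.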