How to implement authorization in Rest?

P

PoodingRex2017-05-30 10:51:59

PHP

PoodingRex, 2017-05-30 10:51:59

Good day. Can you please tell me the easiest way to implement authorization in a REST service in php?
those. there is a list of users with a login and password in the database, users enter and send data to the server, which checks them for compliance with the database, and then what kind of magic happens?
I see only one option - to generate some kind of key, write it to the database opposite the user + write it to LocalStorage, and then, with any access to the private section (where authorization verification is needed), it checks whether the key matches in LS and the database. Does this option have a right to exist? Will it be at least a little safe?

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

S

Sergej, 2017-05-30
@PoodingRex

JWT and no need to reinvent the wheel. (There are packages for all frameworks)
Get a token and use it. The token can have permissions, ekperins, etc.

A

Alex, 2017-05-30
@sensus

JWT - no options

A

Artem, 2017-05-30
@devspec

Don't reinvent the wheel - use OAuth .