堆栈内存溢出
  简体   繁体   English

用户如何通过用户名和密码传递API密钥?

[英]How users pass API key with their username and password?

 原文  2015-07-17 12:11:14       api/ rest/ http/ jax-rs

问题描述

I'm following this tutorial and it works like a charm. 我正在关注本教程 ,它的工作原理很吸引人。 But many things are harcoded so I need to change them. 但是很多事情都被困扰了,所以我需要改变它们。 I have to check in DB if the username and password are correct and so on... But I don't understand how API keys (or service keys) works. 我必须在数据库中检查用户名和密码是否正确等等,但是……我不明白API密钥(或服务密钥)是如何工作的。

On the tutorial code, the service key is passing through HTTP header, and then the login method checks if it is matching with username and password provided. 在教程代码上,服务密钥通过HTTP标头传递,然后login方法检查它是否与提供的用户名和密码匹配。 But if each user has a unique service key, how users can pass it through HTTP header? 但是,如果每个用户都有一个唯一的服务密钥,那么用户如何通过HTTP标头传递它呢? Users put their usernames and password into form fields and then press the login button 用户将其用户名和密码输入表单字段,然后按登录按钮

The tutorial says that the service key is provided to the user by email or other methods. 本教程说,服务密钥是通过电子邮件或其他方法提供给用户的。 But how the user enters it in the HTTP header of the login form? 但是用户如何在登录表单的HTTP标头中输入呢? Where this service key is coming from? 该服务密钥来自何处?

1 个解决方案

解决方案1
 1 已采纳  2015-07-17 12:33:37

The service key is to give access to the API, not individual users. 服务密钥用于授予对API的访问权限,而不是单个用户。 So take twitter for example: twitter users log in with username and password and don't need a service key. 因此以twitter为例:twitter用户使用用户名和密码登录,不需要服务密钥。 But if you wanted to build your own twitter platform where users can log in to your page and see their tweets in your app (like tweetdeck), you'd need to get a service key to use the twitter API, and you'd send this key along with your http requests from your server to twitter every-time a user logs into your page. 但是,如果您想构建自己的Twitter平台,以便用户可以登录到您的页面并在您的应用程序中查看他们的推文(例如tweetdeck),则需要获取服务密钥才能使用twitter API,然后发送每次用户登录到您的页面时,此键以及服务器发出的HTTP请求(来自Twitter)。 Service keys are a way of identifying clients (ie applications) using the API, not specific users using the application. 服务密钥是一种使用API​​识别客户端(即应用程序)的方法,而不是使用该应用程序识别特定用户的方法。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Python 使用用户名、密码和 API 密钥连接到 API - Python connect to API using username, password and API key 如何使用Angular 2连接到需要用户名和密码的API - How to connect to an API that requires a username and password with Angular 2 如何使用 php 使用带有用户名和密码的 API? - How to consume an API with username and password using php? 如何连接需要用户名和密码的 API - How to connect with an API that requires username and password Rails API:使用用户名/密码或facebook令牌从本机移动应用程序验证用户 - Rails API: Authenticate users from native mobile apps using username/password or facebook token How to hit sonarQube api with username and api token in postman.(bearer token and username password is working Problem with UserName and Api Token) - How to hit sonarQube api with username and api token in postman.(bearer token and username password is working Problem with UserName and Api Token) 您可以将SendGrid的PHP v5.5.1 API与用户名和密码(而非API密钥)一起使用吗? - Can you use SendGrid's PHP v5.5.1 API with the username and password instead of API Key 更改邮递员API中的用户名和密码 - Change username and password in postman API 使用用户名和密码访问HipChat API - Accessing the HipChat API With Username and Password 如何使用Facebook令牌和用户名/密码构建PHP API身份验证 - How to build PHP API authentication with Facebook token and username/password
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM