Codeigniter,Restful API和如何使用密钥
[英]Codeigniter, Restful API & How to use Keys
问题描述
I am using Phil Sturgeon's & Chris Kacerguis Restful server (visit here https://github.com/chriskacerguis/codeigniter-restserver ) and have a general question about the use of API KEYS. 
我正在使用Phil Sturgeon和Chris Kacerguis Restful服务器(请访问https://github.com/chriskacerguis/codeigniter-restserver ),并对使用API KEYS有一个一般性问题。 I am very new to APIs and the concepts. 我对API和概念非常陌生。
How do KEYS work? KEYS如何运作? There is a table called KEYS defined as follows: 有一个称为KEYS的表,定义如下:
| Default table schema:
| CREATE TABLE `keys` (
| `id` INT(11) NOT NULL AUTO_INCREMENT,
| `user_id` INT(11) NOT NULL,
| `key` VARCHAR(40) NOT NULL,
| `level` INT(2) NOT NULL,
| `ignore_limits` TINYINT(1) NOT NULL DEFAULT '0',
| `is_private_key` TINYINT(1) NOT NULL DEFAULT '0',
| `ip_addresses` TEXT NULL DEFAULT NULL,
| `date_created` INT(11) NOT NULL,
| PRIMARY KEY (`id`)
| ) ENGINE=InnoDB DEFAULT CHARSET=utf8;
There are methods in a class called KEYS as follows: 称为KEYS的类中有一些方法,如下所示:
index_put() // key created. builds a new key.
index_delete() // Remove a key from the database to stop it working.
level_post() // Update Key. Change the level.
suspend_post() // Update Key. Change the level.
regenerate_post() // Regenerate key. Remove a key from the database to stop it working.
As this package is not well documented and I am new to API, how does above work? 由于此文件包没有很好的文档说明,并且我是API的新手,因此上述工作原理如何? For example, do I generate 1 key and insert it to the db permanently. 例如,我是否生成1个密钥并将其永久插入数据库。 Why is there a delete methods? 为什么会有删除方法?
From my readings, it sounds like I generate an initial X-API-KEY for the app and then when the client uses a resource I would swap the X-API-KEY for another key using the KEYS class. 从我的阅读中,听起来好像我为应用程序生成了一个初始X-API-KEY,然后当客户端使用资源时,我会使用KEYS类将X-API-KEY交换为另一个密钥。 I would delete it, too, but when? 我也会删除它,但是什么时候? ... or am I all screwed up in my understanding? ...还是我全都搞砸了?
1 个解决方案
解决方案1
1 已采纳 2018-11-21 05:51:18
Lots of good questions here. 这里有很多好的问题。
"How do KEYS work?"
A RESTful API service can serve a number of different users, so the API key is an individual key to grant access to the REST API. RESTful API服务可以为许多不同的用户提供服务,因此API密钥是用于授予对REST API的访问权限的单个密钥。 This allows the service administrator to grant or revoke access to different users or modify permissions granted to each user. 这使服务管理员可以授予或撤消对不同用户的访问权限,或修改授予每个用户的权限。
"Why is there a delete method?"
This is in place to revoke API access for a specific key. 可以撤销特定密钥的API访问权限。 There could be a number of reasons why this would be used. 使用此功能可能有多种原因。 Perhaps the API user violated the terms of service, or if it's a paid service perhaps their subscription has ended or been revoked. API用户可能违反了服务条款,或者如果它是一项付费服务,则他们的订阅已终止或被撤销。 It allows the administrator to cancel a user's access to the API service. 它允许管理员取消用户对API服务的访问。 This should also answer your question of "when?" 这也应该回答您的“何时”问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.