堆栈内存溢出
  简体   繁体   English

如果用户未使用我的Web(导轨)应用程序(例如使用API​​),我该如何对他们进行身份验证

[英]How do I authenticate a user if they are not using my web (rails) application, e.g. using an API

 原文  2012-03-15 05:00:21       ruby-on-rails/ rest/ oauth/ omniauth

问题描述

I have created a Rails (3.2) application that uses the OmniAuth gem to provide OAuth authentication. 我创建了一个使用OmniAuth gem提供OAuth身份验证的Rails(3.2)应用程序。 Users can log into the site using their Twitter, Facebook or Google credentials, pretty bog-standard functionality. 用户可以使用自己的Twitter,Facebook或Google凭据登录到该站点,这是非常糟糕的标准功能。

I now want to make the data available via an API so it can be consumed outside of my web application, however, users would still have to login to be able to access their data. 我现在想通过API提供数据,以便可以在我的Web应用程序之外使用它,但是,用户仍然必须登录才能访问其数据。 How do I do this in my Rails APP? 如何在Rails APP中执行此操作? And what would the user have to do to be able to call this? 用户必须怎么做才能拨打电话?

UPDATE Some people are suggesting "alternative" authentication methods, but I am wondering if I cannot use the same OAuth credentials I already have for them. 更新有些人建议使用“替代”身份验证方法,但是我想知道我是否不能使用已经为它们使用的相同OAuth凭据。 I don't want them to have to provide another username/pwd, I want them to be able to use their Twitter, Facebook or Google Identities as they do when they use the WebUI. 我不想他们必须提供其他用户名/密码,我希望他们能够像使用WebUI一样使用其Twitter,Facebook或Google身份。

2 个解决方案

解决方案1
 0  2012-03-15 05:09:07

authenticate_with_http_basic (or digest if you like) might work for you, called from a before filter in the controller. 从控制器中的before过滤器调用的authenticate_with_http_basic(如果需要,也可以摘要)可能对您有用。

You can test with curl, using the --user parameter. 您可以使用--user参数对curl进行测试。

Here's a good thread on the topic: In Ruby on Rails, what does authenticate_with_http_basic do? 这是一个关于该主题的好线程: 在Ruby on Rails中,authenticate_with_http_basic有什么作用?

解决方案2
 0  2012-03-15 07:05:13

Devise has the feature token authentication which is what you are looking for. Devise具有所需的功能令牌认证。

Also visit http://zyphmartin.com/blog/simple-auth-token-example-with-devise 另请访问http://zyphmartin.com/blog/simple-auth-token-example-with-devise

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何使用Rails中的minitest测试我的控制器中的(例如)@project.save的失败? - How do I test for failure of (e.g.) @project.save in my controller using minitest in Rails? 使用Rails验证,如何将一个短语列入白名单,例如“ Learn Ruby” - Using Rails validations, how do I whitelist a phrase, e.g., “Learn Ruby” 如何获取我的Rails应用程序的基本URL(例如http:// localhost:3000)? - How do I get the base URL (e.g. http://localhost:3000) of my Rails app? 如何使用Rails API验证用户身份? - how to authenticate the user using rails api? Ruby on Rails问题-如何从请求首次命中应用程序时开始衡量响应时间? (例如,使用“基准”) - Ruby on Rails question - how can I measure response time from when request first hits app?? (e.g. using 'benchmark') 使用Haml对象引用,例如%div [@user] - Using the Haml object reference e.g. %div[@user] Rails:创建记录(例如,用户)后,更新另一个表(例如,不是用户表)吗? - Rails: After creating a record (e.g. a user) update another table (e.g. not the users table)? 如何手动创建嵌套的POST参数? (例如,我在.Net中创建请求以联系Rails后端) - how do I manually create POST parameters that are nested? (e.g. I'm creating the request in .Net to contact a Rails backend) 使用 omniauth 和 Facebook 对 Rails API 的用户进行身份验证? - Authenticate user using omniauth and Facebook for a rails API? 如何为Rails 3应用程序中的用户创建匿名电子邮件地址(例如abcd11245@craigslist.org)? - How do I create anonymous email addresses (e.g. abcd11245@craigslist.org) for users in a Rails 3 app?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM