Protect rest ful web services
Question
I'm developing an application to search events. I'm using backbone.js to build this application. I have some web services to get the information about the events. For example, I have a web service to get all the events in database, another web service to get information about an event given an id, etc... I would to know if it is possible protect my web services, for that people can not access.
In my code I have a collection that have a url that corresponds a web service:
ev.models.ImagemCollection = Backbone.Collection.extend({
url: 'http:/.../.../webservices/services/events/',
initialize: function(){
console.log("Collection Home Inicializado");
}
});
If I access the DevTools in web browser, with some search I can find url with web service, but I would like hide this information somehow.
Any idea?
1 answers
solution1
0 2015-02-05 23:25:17
The RESTful routes are configured in your backend, and if you want to disallow users to access them, you need to create a filter on your backend route that is executed before the route is hit.
This is the case when you (for example) want to only give access when the user authenticates. The filter you apply on the route is custom, you can define it whichever way you want; in this case the filter checks the "authenticated" status.
Whenever the user did not authenticate, your filter can then return a message from the backend, saying something like eg. "You need to authenticate first."
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.