简体繁体中英

REST API request authentication

原文 2017-01-16 13:33:31 6 1 angularjs/ node.js/ rest/ mean-stack

I've been trying out the whole MEAN concept of having a REST API for your front-end to access and so on and so forth.

How do I verify that the request to my API is from an ongoing session? Any "token" that I may have the Angular section send in every request for authentication, can be viewed by any person curious enough to look for it.

Said person can take that token and issue "authenticated" requests to the API until the cows come home. How do you get around this?

ie, I wouldn't like someone with a token use the API to get access to information that may be sensitive to a user etc

1 answers

您可以使用多种机制，例如 CSRF 和 CORS 来确保请求来自给定的域名（即您自己的网站）

REST API with token based authentication

Ionic Rest api Put Request

Firebase simple login for authentication with the REST api

REST API and client on same server, need API authentication?

Ajax request to Spring REST api 415 error

Angularjs $http request using rest api

CakePHP 3 REST API + CORS Request and OPTIONS method

AngularJS GET request to Flask/rest API

API For REST Request From NodeJS to Backend

暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question REST API with token based authentication Ionic Rest api Put Request Firebase simple login for authentication with the REST api Login authentication using angular + java rest api REST API and client on same server, need API authentication? Ajax request to Spring REST api 415 error Angularjs $http request using rest api CakePHP 3 REST API + CORS Request and OPTIONS method AngularJS GET request to Flask/rest API API For REST Request From NodeJS to Backend

Related Tags

REST API request authentication

Question

1 answers

solution1 1 2017-01-16 13:37:44

solution1
1 2017-01-16 13:37:44