trying to figure out how authentication is performed in this example
Question
I am looking at some example code and can't figure out how authentication is done.
Any ideas how this simple code authenticates users?
Thanks,
<script type='text/javascript'>
//<![CDATA[
window._auth_token_name = "authenticity_token";
window._auth_token = "k0d6elNSSvaejR63eiqcZrv3O8fU/6VL2kvoqmpdO6k=";
//]]>
</script>
</head>
<body>
<div id="messages">
<div id="info"></div>
<div id="error"></div>
</div>
<div id="header">
</div>
<div id="center">
<table>
<form action="/admin/login" class="new_user" id="new_user" method="post"><div style="margin:0;padding:0;display:inline"><input name="authenticity_token" type="hidden" value="k0d6elNSSvaejR63eiqcZrv3O8fU/6VL2kvoqmpdO6k=" /></div>
<tr>
<td>Username</td>
<td><input id="user_username" name="user[username]" size="30" type="text" /></td>
</tr>
<tr>
<td>Password</td>
<td><input id="user_password" name="user[password]" size="30" type="password" />
</tr>
<tr>
<td colspan="2">
<input id="user_submit" name="commit" type="submit" value="Log in" />
</td>
</tr>
</form>
</table>
</div>
2 answers
solution1
0 ACCPTED 2012-01-03 07:42:09
that simple code does not authenticate anything, It's simply a html page with a form to submit. The authentication process takes place on a server at this route: /admin/login
the server could be anything.. php, ruby on rails etc
solution2
0 2012-01-03 07:44:53
The authentication is done on the server side in the code that responds to the action admin/login. The authenticity you see on the page is to prevent cross site scripting and is in no way connected to the login.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.