Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

basic auth with rails-api

Tags:

I'm sure that I'm doing something wrong here, but this is what my application controller looks like:

class ApplicationController < ActionController::API                                                                                                                                                                                                           include ActionController::HttpAuthentication::Basic                                                                                                                                                                                                         include ActionController::MimeResponds                                                                                                                                                                                                                       http_basic_authenticate_with :name => "joeyjojo", :password => "shabadoo" end 

I can't figure out why my http_basic_authenticate_with is throwing this error:

undefined method `http_basic_authenticate_with' for ApplicationController:Class 

I'm sure it's something simple, but I don't see it. The MimeResponds is working just fine in other controllers.

like image 692
thatmiddleway Avatar asked May 03 '12 17:05

thatmiddleway


People also ask

Is Basic Auth safe for API?

Basic authentication is simple and convenient, but it is not secure. It should only be used to prevent unintentional access from nonmalicious parties or used in combination with an encryption technology such as SSL.

What is Basic Auth in API?

With Basic Authentication, you pass your credentials (your Apigee account's email address and password) in each request to the Edge API. Basic Authentication is the least secure of the supported authentication mechanisms. Your credentials are not encrypted or hashed; they are Base64-encoded only.

Is API key Basic Auth?

API keys are supposed to be a secret that only the client and server know. Like Basic authentication, API key-based authentication is only considered secure if used together with other security mechanisms such as HTTPS/SSL.


1 Answers

You have to include ActionController::HttpAuthentication::Basic::ControllerMethods instead, to have the methods available. Here's the module in ActionController::Base

like image 104
Carlos Antonio Avatar answered Oct 26 '22 07:10

Carlos Antonio