Menu
OK... the basic idea is to have SERVER and CLIENT physically separated (two systems).
My idea is to build a stand-alone web service (REST, XML, API-KEY) that will provide
Then I will create clients in different languages (Flash, PHP, JavaScript). Data will be served only to authenticated users.
Tipical communication for user to get list of products will be:
OK... Now the problem I have is the user session. Say we want to build Javascript client, we actually have to create PHP client that will communicate with REST (PHP knows about REST API-KEY) and will forward info to Javascript (CLIENT) right? User will login through PHP to REST server right and then request data through PHP to REST server?
Questions:
951
Users of the REST API can authenticate by providing a user ID and password to the REST API login resource with the HTTP POST method. An LTPA token is generated that enables the user to authenticate future requests. This LTPA token has the prefix LtpaToken2 .
For e.g. while logging into your email account, you prove that you are you by providing a Username and a Password. If you have the Username and the Password you are who you profess to be. This is what Authentication means. In the context of REST API authentication happens using the HTTP Request.
One of the most common authentication methods used by REST APIs is username and password authentication. There are several different types that use a username and password but the most common one is HTTP Basic authentication.
A RESTful interface does not store any information about a particular user's session. It is the client's job to maintain the information about what it is doing.
Authenticate the user on every request by providing information in the Authorization HTTP header. IF this becomes a performance problem, then look at alternative solutions to optimize perf.
164
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
