I'm currently trying to build a REST API on Ruby on Rails.

After logging in (not using the REST API), I am able to use the commands I have made in the controllers.

But how can I log in using REST API?

So something like when I type

http://localhost:3000/api/v1/login/'test@test.com','12345'.

the test user can login, and after that, if I choose to do something like

http://localhost:3000/api/v1/viewuser/2

I get a JSON object which shows the details of the user with ID 2.

If I do any of the GET requests right now without logging in, I get a message saying 'You have to sign in / sign up first'.

The project currently uses Devise to authenticate.

user2775042
  • Look into token-based authentication. When the user logs in with the REST API, it should return a secure and unique token which they pass to future API requests. It is important the token is handled safely and securely. See: http://stackoverflow.com/questions/1592534/what-is-token-based-authentication and https://github.com/lynndylanhurley/devise_token_auth – Jack Bracken Apr 10 '17 at 13:29
  • @JackBracken Can I have token-based authentication just for users who use the REST API and have the current one working separately? – user2775042 Apr 10 '17 at 13:42
  • Of course. Your API will just be a new set of routes and controller actions. – Jack Bracken Apr 10 '17 at 15:04

1 Answer

HTTP is by its very nature a stateless protocol. That is, without technologies such as browser sessions and cookies, no one request will have a bearing on another.

https://en.wikipedia.org/wiki/Stateless_protocol

APIs, since they don't have a browser to view them in, are unable to use things such as 'login' as it relies on client-side technologies which will not exist when using an API.

You should use a form of authentication for each of the requests such as:

  • A secret token/password appended as a query parameter to each request
  • OAuth
  • HTTP Basic Auth

or something similar.

This question gives a good example of using HTTP Basic auth in Rails.

Max Woolf
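
The per-request authentication that the answer and the first comment describe, as an added example that is not part of the original posts: a plain-Ruby sketch that issues a random token once at login, keeps only its SHA-256 digest server-side, and checks an `Authorization: Bearer` header on every request so the token stays out of URLs and access logs. The `ApiTokenStore` class, the one-hour lifetime and the in-memory hash (standing in for a database table) are assumptions made for illustration.

```ruby
require "securerandom"
require "digest"

# Hypothetical in-memory store; a Rails app would keep the digest in a database column.
class ApiTokenStore
  TTL = 3600 # seconds a token stays valid (constructed value)

  # The clock is injectable so expiry can be exercised without sleeping.
  def initialize(clock: -> { Time.now.to_i })
    @clock = clock
    @by_digest = {} # SHA-256(token) => { user_id:, expires_at: }
  end

  # Called once, after the e-mail/password check has succeeded (e.g. via Devise).
  # Returns the raw token to the client; only its digest is retained here.
  def issue(user_id)
    token = SecureRandom.urlsafe_base64(32)
    @by_digest[digest(token)] = { user_id: user_id, expires_at: @clock.call + TTL }
    token
  end

  # Called on every API request. Returns the user id, or nil if the header is
  # missing, uses another scheme, carries an unknown token, or has expired.
  def authenticate(headers)
    scheme, token = headers["Authorization"].to_s.split(" ", 2)
    return nil unless scheme&.casecmp?("Bearer") && token && !token.empty?

    entry = @by_digest[digest(token)]
    return nil if entry.nil?

    if entry[:expires_at] <= @clock.call
      @by_digest.delete(digest(token)) # drop expired entries on first use
      return nil
    end
    entry[:user_id]
  end

  # Server-side logout: the token stops working immediately.
  def revoke(token)
    !@by_digest.delete(digest(token)).nil?
  end

  private

  def digest(token)
    Digest::SHA256.hexdigest(token)
  end
end
```

In a Rails controller the equivalent check would sit in a `before_action` on the API routes, separate from the existing Devise session login.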