Reputation: 2213
How to implement API authentication for Rails app with Authlogic
I have a Rails app with an iOS mobile client.
So far, I've had the iPhone client send HTTP requests to the normal URLs. I want to replace this with a proper API. I'm on Rails 3, and I'm using Authlogic for authentication.
I have watched the railscasts on versioned apis and securing APIs. But since I'm already using authlogic for authentication, I think reimplementing token creation would be unnecessary?
I created the API just as Ryan Bates suggests in this episode with a controller under app/controllers/api/v1/. I have corresponding views with RABL in views/api/v1.
My controller is
module Api
module V1
class RecordsController < ApplicationController
respond_to :json
def index
status = RecordStatus.where("name = ?", "processed").first
@records = current_user.records.where("record_status_id = ?", status.id)
end
def show
@record = Record.find(params[:id])
end
end
end
end
Basically, I've read a lot on the different options to implement (including a bunch of answers on SO) and I'm just really stumped as to what's the best way for me to implement authentication, securely. Should I go to oauth? Can I do it with authlogic? Which option would make it easy to use from the iOS side? Which option is easiest to implement?
Any guidance would be helpful.
Upvotes: 1
Views: 1672
Answers (1)
Reputation: 19879
Perhaps you could use the single access token stuff that's in authlogic already?
http://rubydoc.info/gems/authlogic/Authlogic/Session/Params
Upvotes: 0
Related Questions
- API Authentication for user logged in to a Web App server
- Authlogic and iPhone app login
- How to authenticate Rails application using token from 3rd party API?
- Rails-api HTTP token authentication
- api authentication in rails 3
- Rails Authlogic authentication method
- Using authlogic_api for Rails REST API access
- Rails: Basic Authentication with Authlogic
- Authlogic - Authentication via basic HTTP authentication
- Rails: Authorization with Authlogic