Reputation:
creating Basic authentication in Slim framework
I had seen 2 questions on SO and several topics on google but that didn't helped me out
Slim provides you different methods like PUT,GET,POST etc. I want to implement basic authorization like being implemented by many API's. First question: Is SSL necessay? (I dont have currently) Second question: How to implement it? as in i have to send username and password in headers in encrypted form and then after this I have to use this authentication in each API call Any help?
Upvotes: 6
Views: 18730
Answers (2)
Reputation: 1405
You can use Slim Authentication and XSS Middlewares, for example HttpBasic. So added the Extras to your Slim Framework:
https://github.com/codeguy/Slim-Extras/tree/master/Middleware
How to use it? As as this:
use \Slim\Slim;
use \Slim\Extras\Middleware\HttpBasicAuth;
$app = new Slim();
$app->add(new HttpBasicAuth('theUsername', 'thePassword'));
Upvotes: 7
Reputation: 812
You should really use SSL because you'll be sending passwords (or API secrets) over the internet. If it's not encrypted, anyone in between the user and your server can steal those credentials.
That's right - you'll send the username/pwd in the headers. There are a lot of resources out there for how to do http basic authentication. For example, this SO question. You'll need to authenticate on each call because you're making a RESTful API (i.e. stateless, so you can't have an 'authorized' state).
I'm not sure off-hand how you would get the username and password, but I would think they'd be in $app->request->headers()
Upvotes: 1
Related Questions
- Authentication failure with Slim Basic Auth
- Slim framework - API Security
- PHP - REST - Slim Framework HTTP Basic Auth - 401 Unauthorized
- implementing access control authentication with php Slim framework
- Slim HttpBasicAuth
- Authentication for Slim framework not working
- Slim Basic Authentication
- How to authorize rest api in php with Basic Authentication
- Securing a REST API and Slim Framework
- Slim Framework authentication