which is best practice to use authetication in php API -

-

i use following technique in api authentication in php. use post method api call. in first api have send username , password. send post.

if match generate 1 randomkey in database call secretkey. secretkey has pass post field in other api.

so question is method proper or need use other techniques ?

one of solutions json web token, here's tutorial how use it

https://www.toptal.com/web/cookie-free-authentication-with-json-web-tokens-an-example-in-laravel-and-angularjs#land-prodigious-architects


Comments

Post a Comment

Popular posts from this blog

ios - Is 'init' forbidden as *part* of a variable name? -

-
i spent 3 hours debugging error , in end narrowed down (i think) variable name. i using initmonths (initial months) caused unpredicatable errors when changed imonths worked! i can understand preventing use of init on it's own surprised if prevented part of variable name. bug or feature? it's not bug if it's related name being overlap. there's part of arc used know when retain counts should updated, , may running that. similar rules apply use new @ start of names (for same reason). it's easy , wise steer clear of using init @ start of names unless it's init function. i can imagine issue related arc getting involved shouldn't , takes while called shouldn't, weird. i expect issue else , name change had other effect. worst case means have memory issue , changing name has changed memory footprint of code you've moved bug somewhere else (or along lines).
Read more

c# - Get the Class name in a class with atribute inside a attribute method -

-
i'm doing custom authorize attribute. want use attribute in class , controller level. this code work on method level public class customauthorizeattribute : authorizeattribute { public customauthorizeattribute([callermembername] string callername = null) { callername = callername; } public string callername { get; set; } protected override bool authorizecore(httpcontextbase httpcontext) { if (httpcontext.user.isinrole("admin")) return true; ... if (callername == something) { } ... return base.authorizecore(httpcontext); } } like that [customauthorize()] public actionresult index() { return view(); } but want use globally in controller [customauthorize()] public class usuarioscontroller : controller { salusdbcontext db = new salusdbcontext(); // get: usuarios public actionresult index() { ...
Read more

file - Python: AttributeError: 'str' object has no attribute 'readlines' -

-
i trying copy text mobilebuildsettings , use replace text abproject . getting following error , don't understand it. attributeerror: 'str' object has no attribute 'readlines' below code: with open("c:/abproject.build", "r+") script, open ("c:/tempfile.build","w+") newscript: abproject = ("c:/abproject.build") line in abproject.readlines(): if line == "@appidentifier@" : newabproject.write('"' + "appidentifier : " + '"' + appidentifier.get() + '"' + "\n") else: newabproject.write(line) abproject.close() newabproject.close() os.remove("abproject.txt") os.remove("tempfile.buil","abproject.txt") in order give answer jill1993's question , take moseskoledoye's answer : abproject = ("c:/abproject.build") abproject string object. furthermore, write : with open...
Read more