10.3.2013 22:54, Pratik Mandrekar kirjoitti:
Hello,
I'm trying to figure out what would be the best way to integrate django
with ember.js/backbone from the user authentication point of view. I'm
using Tastypie for creating RESTful resources.
I have no problem creating APIs once a user has been authenticated using
the Session based authentication but I am wondering what is the best
RESTful way to create a user authentication API that can confirm to
Session based authentication.
Also if I'm not mistaken the right way to authenticate the client is via
the API key authentication right?
There is not exactly "RESTful way to authenticate", since after all REST
is just an architecture to represent different resources and thus it's
totally agnostic what comes to authentications and such.
Simplest one (if you're use HTTP(S)) is to use basic/digest auth. Though
true REST is protocol agnostic (for example it could use unix sockets)
Query authencation, a.k.a. API key, only one that you can do protocol
agnostic way.
Cookie-based, for example posting credential query as POST (to create
new cookie) to /sessions/ url. Binds REST to HTTP(S) protocol again and
DELETE to /sessions/<session-id>/ to logout
Personally, if working with Django and HTTP I would go for cookie based
auth since it would be natural.
Otherwise API key isn't that bad option.
--
Jani Tiainen
- Well planned is half done and a half done has been sufficient before...
--
You received this message because you are subscribed to the Google Groups "Django
users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
