Anyone have any patterns they have followed in this situation? I realize that some may have objections to my implementation, but I am developing an internally-used corporate website, so I don't have leeway in the matter. I know how I *could* do this, but would be happy to hear others' thoughts on implementation first.
On Thursday, August 21, 2014 9:19:28 AM UTC-4, Richard Sugg wrote: > > Perhaps it would have been better if I posed the question this way: I have > a client that cannot use the standard means of authentication, but does > support Basic authentication. What is the best way to support multiple auth > methods? > > On Wednesday, August 20, 2014 2:01:09 PM UTC-4, Richard Sugg wrote: >> >> What's the best way to handle multiple authentication methods? I normally >> have users login and create a session in the database. A user can only >> login once at a time. If they open another browser and login, their first >> session is invalidated. However, I also want to use some of the same urls >> for automated processes which might run in parallel. If a two processes try >> to authenticate and call a url, only the second process will have a valid >> session. So for automation, it makes better sense to use Basic auth and >> leave sessions to actual users. >> >> So what's the best way to handle this? Would I have to write a bridge >> that checks one method and then the other? Or is there a better way? >> > -- You received this message because you are subscribed to the Google Groups "Mojolicious" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/mojolicious. For more options, visit https://groups.google.com/d/optout.
