Matt Jones wrote: > If your site is like most, API keys are handed out to users. So it > would probably be best to just store the key on the user model, and > then do a User.find_by_api_key(..etc...) in your before_filter. > > --Matt Jones > > > On May 30, 6:02�am, Neil Cauldwell <[email protected]>
Thanks Matt I was coming to the conclusion that all apps are authorizing API keys per user, rather than per business or account, as I was thinking of doing in this instance. The main reason for the original line of thought is that this application charges for usage per 'Site' (it's a bit like you might expect a 'Business' or 'Account' model to work) and I've been reading that the main reason for API keys is that can be used to monitor usage - and if I'm monitoring usage, I'm probably going to do it on a per-Site model basis. Here's a tutorial on how to add the API keys to restful-authentication, in case any fellow new newbies stumble across this thread; http://www.compulsivoco.com/2009/05/rails-api-authentication-using-restful-authentication/ -- Posted via http://www.ruby-forum.com/. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to [email protected] To unsubscribe from this group, send email to [email protected] For more options, visit this group at http://groups.google.com/group/rubyonrails-talk?hl=en -~----------~----~----~----~------~----~------~--~---
