骨干基本HTTP REST API认证 [英] Backbone HTTP basic rest api authentication

问题描述

我Backbone.js的使用，并将它与一个无状态的REST API进行通信。一些调用需要身份验证，通过HTTP基础。

I am using Backbone.js and it communicates with a stateless rest API. Some calls require authentication, through HTTP basic.

我不明白的是，不知何故，我要验证每个请求，我怎么能这样做安全？我首先想到的是有一个cookie，存储用户名和密码，但是这将是脆弱的？

What I don't understand is, somehow I have to authenticate each request, how could I do this securely? My first thought was to have a cookie, store the username and password but this would be vulnerable?

可以这样做安全？

推荐答案

https://github.com /fiznool/backbone.basicauth 东西，你会发现有用吗？

Is https://github.com/fiznool/backbone.basicauth something you'd find useful?

此插件可以访问这是由HTTP基本认证通过您的骨干模型和集合保护的远程资源。

This plugin enables access to remote resources which are protected by HTTP Basic Authentication through your Backbone Models and Collections.

使用HTTP基本认证保护的资源需要以下HTTP头中每个请求设置：

A resource protected with HTTP Basic Authentication requires the following HTTP header to be set on every request:

授权：基本
访问令牌通过采取用户名和密码，用串联在一起形成：分离器和编码成Base64编码

Authorization: Basic The access token is formed by taking the username and password, concatenating together with a : separator and encoding into Base64.

本插件处理Base64编码，并自动设置上，它使用Backbone.sync每个请求的授权头。

This plugin handles the Base64 encoding and automatically sets the Authorization header on every request which uses Backbone.sync.

这篇关于骨干基本HTTP REST API认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！