骨干基本HTTP REST API认证 [英] Backbone HTTP basic rest api authentication
问题描述
我Backbone.js的使用,并将它与一个无状态的REST API进行通信。一些调用需要身份验证,通过HTTP基础。
I am using Backbone.js and it communicates with a stateless rest API. Some calls require authentication, through HTTP basic.
我不明白的是,不知何故,我要验证每个请求,我怎么能这样做安全?我首先想到的是有一个cookie,存储用户名和密码,但是这将是脆弱的?
What I don't understand is, somehow I have to authenticate each request, how could I do this securely? My first thought was to have a cookie, store the username and password but this would be vulnerable?
可以这样做安全?
推荐答案
https://github.com /fiznool/backbone.basicauth 东西,你会发现有用吗?
Is https://github.com/fiznool/backbone.basicauth something you'd find useful?
此插件可以访问这是由HTTP基本认证通过您的骨干模型和集合保护的远程资源。
This plugin enables access to remote resources which are protected by HTTP Basic Authentication through your Backbone Models and Collections.
使用HTTP基本认证保护的资源需要以下HTTP头中每个请求设置:
A resource protected with HTTP Basic Authentication requires the following HTTP header to be set on every request:
授权:基本
访问令牌通过采取用户名和密码,用串联在一起形成:分离器和编码成Base64编码
Authorization: Basic The access token is formed by taking the username and password, concatenating together with a : separator and encoding into Base64.
本插件处理Base64编码,并自动设置上,它使用Backbone.sync每个请求的授权头。
This plugin handles the Base64 encoding and automatically sets the Authorization header on every request which uses Backbone.sync.
这篇关于骨干基本HTTP REST API认证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!