Wednesday, October 24, 2012

Basic auth question + API clarifications

For my API, I just want to use basic auth, wich is done in the Appcontroller with something like this :

//if request is XML
$this->Auth->authenticate = array('Basic');
So, the header ni my requets has to have username and password.

But I want that in order to login via basic auth for api call, username, password AND api key are cheked, i.e. is th user exists, the password is ok but he has no api key, he can't be logged via API.

Is this possible ?

Plus, I have another 2 questions related to API :

1. I use /api/ as a prefix for routing API requests. Is there a way to : 1. check if a request has API prefix, if yes -> this, if no -> that

2. In a user profile i have multiple fields user['User']['about'] , user['User']['url'] and such. These are all editable via API /users/123.xml... how can I prevent some fields to be editable, like ID for exemple ?

Thanks a lor for your time,

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
 
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com.
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
 
 

No comments: