i'm following this tutorial , works charm. many things harcoded need change them. have check in db if username , password correct , on... don't understand how api keys (or service keys) works.
on tutorial code, service key passing through http header, , login method checks if matching username , password provided. if each user has unique service key, how users can pass through http header? users put usernames , password form fields , press login button
the tutorial says service key provided user email or other methods. how user enters in http header of login form? service key coming from?
the service key give access api, not individual users. take twitter example: twitter users log in username , password , don't need service key. if wanted build own twitter platform users can log in page , see tweets in app (like tweetdeck), you'd need service key use twitter api, , you'd send key along http requests server twitter every-time user logs page. service keys way of identifying clients (ie applications) using api, not specific users using application.
Comments
Post a Comment