# |
Apr 21st 2017, 14:02 |
Neon1024 |
Depends really, my stuff doesn’t need to be super duper secure |
# |
Apr 21st 2017, 14:02 |
Neon1024 |
I just wanted to be able to expire a token after a few months, so if someone gave it away it could be changed without impacting the consuming client |
# |
Apr 21st 2017, 14:01 |
Neon1024 |
But there is stuff like OAuth too, such as Facebook and Twitter etc |
# |
Apr 21st 2017, 14:01 |
Neon1024 |
birdy247, Usually a header and token is pretty standard |
# |
Apr 21st 2017, 14:00 |
Neon1024 |
I’d need to implement it in a branch really and see how I feel about it |
# |
Apr 21st 2017, 14:00 |
Neon1024 |
To give them a token to use, which you can sign and expire |
# |
Apr 21st 2017, 14:00 |
Neon1024 |
Yeah, but I thought that the token workflow meant you need an OAuth style auth process |
# |
Apr 21st 2017, 14:00 |
birdy247 |
but what is generally considered a nice way of requiring authentication to use the API |
# |
Apr 21st 2017, 13:59 |
admad |
jwt is just a fancier token :P |
# |
Apr 21st 2017, 13:59 |
birdy247 |
I need to do a bit of research |
# |
Apr 21st 2017, 13:59 |
Neon1024 |
But with no token issuer endpoint |
# |
Apr 21st 2017, 13:59 |
Neon1024 |
Yes |
# |
Apr 21st 2017, 13:59 |
admad |
so basically simple token based auth |
# |
Apr 21st 2017, 13:59 |
Neon1024 |
Bit dirty really |
# |
Apr 21st 2017, 13:59 |
Neon1024 |
We use a sha which we pass as a header |
# |
Apr 21st 2017, 13:59 |
admad |
trade secret |
# |
Apr 21st 2017, 13:59 |
Neon1024 |
Er, well, you know the thing about that is |
# |
Apr 21st 2017, 13:58 |
Neon1024 |
Hah |
# |
Apr 21st 2017, 13:58 |
Neon1024 |
Which is kinda unavoidable really, and is better |
# |
Apr 21st 2017, 13:58 |
birdy247 |
How do you auth ? |
# |
Apr 21st 2017, 13:58 |
Neon1024 |
I’m not sure I like the two step authentication |
# |
Apr 21st 2017, 13:58 |
Neon1024 |
birdy247, No, I’m still undecided on that atm |
# |
Apr 21st 2017, 13:57 |
birdy247 |
Do you use JWT Neon1024? |
# |
Apr 21st 2017, 13:57 |
styks198- |
https://gist.github.com/styks1987/437f16e1fd290832eff28e171e46ef15 |
# |
Apr 21st 2017, 13:57 |
styks198- |
having a bit of an issue with saving. Can anyone help me out and look at this little snippet to determine why tracking_code is not saving? |
# |
Apr 21st 2017, 13:57 |
birdy247 |
@bravo-kernel blog post is super useful |
# |
Apr 21st 2017, 13:56 |
Neon1024 |
Gotta eat your own dog food! |
# |
Apr 21st 2017, 13:56 |
Neon1024 |
When I get around to redeveloping the telecoms sites in cake3, I’ll be using v4 myself |
# |
Apr 21st 2017, 13:56 |
Neon1024 |
Although tbh I don’t think anyone is using v4 yet. Unless it’s gone out to the client and noone has told me, which is likely |
# |
Apr 21st 2017, 13:55 |
Neon1024 |
ADmad, Awesome! |
# |
Apr 21st 2017, 13:55 |
Neon1024 |
It works, and is in production, so I guess thats a thumbsup! ;) |
# |
Apr 21st 2017, 13:55 |
birdy247 |
too much brain power on this forum :slightly_smiling_face: |
# |
Apr 21st 2017, 13:55 |
admad |
if i ever have the need to do so i will share it with you |
# |
Apr 21st 2017, 13:55 |
admad |
heh |
# |
Apr 21st 2017, 13:54 |
Neon1024 |
Yes, true admad, but we’re not all as clever as you :p |
# |
Apr 21st 2017, 13:54 |
admad |
better to whip up some custom routing or controller dispatching, so that you only need to extends those endpoints which actually need some change |
# |
Apr 21st 2017, 13:54 |
Neon1024 |
But it kinda does the same thing as an entity mutator |
# |
Apr 21st 2017, 13:54 |
Neon1024 |
I did look at phpleague/fractal |
# |
Apr 21st 2017, 13:54 |
birdy247 |
that bit confused me a little |
# |
Apr 21st 2017, 13:54 |
Neon1024 |
I ended up using a pretty big entity mutator method to change the data structure |
# |
Apr 21st 2017, 13:54 |
birdy247 |
Neon1024 what dd you use to change the josn structure? |