Hi,
There doesn't seem to be a lot of info about ActiveResource, and I have an issue which I think would be pretty common, but I haven't found any info about.
Is there a convention to allow ActiveResource to authenticate using the current user logged in?
Obviously I can't send the user's password since it's hashed, so I was thinking in using the user's hash to create an encrypted key that can then be decrypted by the REST server. If you think this would be a good approach, are there any security implications I should worry about?
Also, I could use a specific admin user to authenticate and give the current user's login as a param to AR's calls, but that would involve more work since the REST server already filters results depending on the authenticated user, so it would have to also filter on the user passed on the params.
Thanks!
- Ivan V.
