There doesn't seem to be a lot of info about ActiveResource, and I have
an issue which I think would be pretty common, but I haven't found any
Is there a convention to allow ActiveResource to authenticate using the
current user logged in?
Obviously I can't send the user's password since it's hashed, so I was
thinking in using the user's hash to create an encrypted key that can
then be decrypted by the REST server. If you think this would be a good
approach, are there any security implications I should worry about?
Also, I could use a specific admin user to authenticate and give the
current user's login as a param to AR's calls, but that would involve
more work since the REST server already filters results depending on the
authenticated user, so it would have to also filter on the user passed
on the params.
- Ivan V.