Basic authentication on public endpoint

Hello,

after following 2 tutorials on Rails and getting those nice looking apps up and running, I would like to roll my first app.

It has only one model. An http view will display all records from the database.

The data input is not via an http form, but come as a POST call from another (external) app (json payload, in case it matters).

The “index" action on my XController (for listing the records) does not require authentication, but I would like to have basic authentication (hardcoded user+pass is fine) on the public endpoint (the “create” action).

I found http_basic_authenticate_with - but this seems to cover only the http session, so it didn’t help with the public endpoint (or I didn’t manage to use it properly).

Any pointers about what I can use to secure the public endpoint?

Thank you,

Marian

I solved my problem by disabling the CSRF check on the public endpoint (according to this https://stackoverflow.com/questions/5669322/turn-off-csrf-token-in-rails-3).

Hey,

I’m also able to create an autoresponder

How awesome am I?

Wooooooowwwwwwww I got rid of jobs, give me millions of USD

Hey,

I’m also able to create an autoresponder

How awesome am I?

Wooooooowwwwwwww I got rid of jobs, give me millions of USD