after following 2 tutorials on Rails and getting those nice looking apps up and running, I would like to roll my first app.
It has only one model. An http view will display all records from the database.
The data input is not via an http form, but come as a POST call from another (external) app (json payload, in case it matters).
The “index" action on my XController (for listing the records) does not require authentication, but I would like to have basic authentication (hardcoded user+pass is fine) on the public endpoint (the “create” action).
I found http_basic_authenticate_with - but this seems to cover only the http session, so it didn’t help with the public endpoint (or I didn’t manage to use it properly).
Any pointers about what I can use to secure the public endpoint?