How can I implement authentication in my API?

I'm developing an API for my site, and I'm wondering how I can make it
so requests require basic access authentication (like in Twitter's API
for example)? I'm using restful-authentication on Rails 2.3.2. Thanks!

Andrew wrote:

I'm developing an API for my site, and I'm wondering how I can make it
so requests require basic access authentication (like in Twitter's API
for example)?

[...]

I'm no expert on this, but perhaps you want to use OAuth like Twitter
has done.

Best,

There's already support for basic auth in restful-authentication; it
only gets used by default for (off the top of my head) JSON and XML
formatted requests. The support is pretty simple - take a look at (in
restful_auth) AuthenticatedSystem#access_denied, and also the core
docs for ActionController::HttpAuthentication.

--Matt Jones

Thanks Matt, that's exactly what I was looking for.

Can you post your code how you fixed it please!
I am using also restful authentication and want to provide basic
authenticaton for xml!

Thank you

Wouter

def authenticate
   @current_user = authenticate_or_request_with_http_basic { |u, p|
User.authenticate(u, p) }
end

Use as a before filter.

But with this code i have to authenticate every time when i try to
access the website..

I have this code for authenticate:

def authenticate
        case request.format
        when Mime::XML, Mime::ATOM
          if self.user = authenticate_or_request_with_http_basic { |u,
p> User.authenticate(u, p) }
            @current_user = user
          else
            request_http_basic_authentication
          end
        else
          user = User.find_by_remember_token(cookies[:auth_token])
        end
      end

But when i try to access an xml resource i get the authentication
dialog and i get a page with error (ouldn't find Profile without an
ID)
and when i refresh i get the right xml page.. How can i fix this.. My
authentication doesnt work because of this on android!

Thank you

But with this code i have to authenticate every time when i try to
access the website..

I have this code for authenticate:

def authenticate
        case request.format
        when Mime::XML, Mime::ATOM
          if self.user = authenticate_or_request_with_http_basic { |u,
p> User.authenticate(u, p) }
            @current_user = user
          else
            request_http_basic_authentication
          end
        else
          user = User.find_by_remember_token(cookies[:auth_token])
        end
      end

But when i try to access an xml resource i get the authentication
dialog and i get a page with error (ouldn't find Profile without an
ID)
and when i refresh i get the right xml page.. How can i fix this.. My
authentication doesnt work because of this on android!

Thank you