Okay, so I'm migrating my system over to being more RESTful and quite
enjoying the process. The obvious thing that happens is you start
thinking about how easy it is for everything to start using the rails
rest interfaces for getting and manipulating data.
But what happens when I want to control who can call an update or
delete? In rails I'd have a before_filter to check authorisation, but
what happens with some other application trying to consume my service
that hasn't neccessarily logged in to the web page?
How could I replicate the login process in something outside of rails
to make the most of the REST services I'm creating?