I am new to sails, but after reading the document and following some examples on the Internet, I decided to make it a shot;)
I created an APP that depends on the REST web service that I want to build in the Sails Framework, but after a lot of research, I have not yet found the right solutions in the sails.
I think I want to transfer (username, password) or api_key in every web service call created from the application?
All the examples I found were related only to the session login method - not to the API key in every call.
I used this tutorial - http://jethrokuan.imtqy.com/2013/12/19/Using-Passport-With-Sails-JS.html
But only login to enter the login page - I want it to be logged in every call and still want to use the assembly in REST API projects.
The problem in my solution is that a call of this type - will not give me all the waiting users due to the default REST method - I want it to authenticate the user and give me the result.
http://example.com:1337/user/?username=test&password=xxx
What are the โbest practicesโ for creating an APP using the REST service firewall? - "with sails"
Some of my code:
// policies/authentication.js if(req.param('username') && req.param('password')) { UserAuth.auth(req, res, function(err, user) { if (err) return res.forbidden('You are not permitted to perform this action.'); if(user) { return next(); } }); }else{ return res.forbidden('You are not permitted to perform this action.'); }
// services/UserAuth.js module.exports = { auth : function(req, res, cb) { var bcrypt = require('bcrypt'); var passport = require("passport"); passport.authenticate('local', function(err, user, info){ if (err) return cb({ error: 'auth error!', status: 400 }); if(user) { cb(null, user); } })(req, res); } }
// config/policies.js module.exports.policies = { '*': "authentication" };