本文介绍了如何使用和Rails,制定和Backbone.js的令牌认证?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图建立与PhoneGap的,jQuery Mobile的Backbone.js的和在客户端的移动应用程序 - 用Rails 3的JSON API运行的服务器端

我知道如何通过身份验证后,从服务器获取令牌,但我不知道怎么了token_auth键/值追加到所有的AJAX请求Backbone.js的将我的服务器。

下面是我此刻的流量:


  1. 在某些表单字段和点击登录用户类型

  2. 骨干创建的电子邮件和密码信息一个新的Player对象。

  3. 我运行一个Player.authenticate,设置令牌AUTHENTICATION_TOKEN

  4. 在这之后的所有请求应附加的auth_token =+ AUTHENTICATION_TOKEN

我看了http://documentcloud.github.com/backbone/#Sync对于可能重写AJAX调用 - 但似乎对于这个简单的任务相当极端

有没有人有运行设计token_authentication和Backbone.js的?

任何经验
解决方案

为什么不把它添加到您的所有的jQuery Ajax请求的。这将增加的auth_token遍布jQuery的你的Ajax调用。直接使用jQuery阿贾克斯(或者说这么做库)时可能有用。但是,这可能是一个安全问题,以及(当你有到其他网站的ajax调用...)。

  //这是未经测试
$ .ajaxSetup({beforeSend:功能(XHR,设置){  //只是因为AUTH_TOKEN是私人信息
  如果(!settings.crossDomain){    //解析数据对象
    VAR dataobj = JSON.parse(xhr.data);    //认证令牌添加到数据对象
    dataobj.auth_token = AUTHENTICATION_TOKEN;    //保存数据对象到jqXHR对象
    xhr.data = JSON.stringify(dataobj);  }
}});


另一种方法可能是编写令牌插入服务器端头并对其进行处理:

  //那不是漂亮
$ .ajaxSetup({标题:{AUTH_TOKEN:AUTHENTICATION_TOKEN}});

I'm trying to build a mobile application with PhoneGap, jQuery Mobile and Backbone.js on the client-side - with a Rails 3 JSON API running server-side.

I know how to fetch the token from the server after being authenticated, but I don't know how to append the "token_auth" key/value to all the AJAX-requests Backbone.js will make to my server.

Here's my flow at the moment:

  1. User types in some form fields and hits "Log in"
  2. Backbone creates a new Player object with the email and password info.
  3. I run a Player.authenticate that sets the token to AUTHENTICATION_TOKEN
  4. All requests after this should append "auth_token=" + AUTHENTICATION_TOKEN

I've looked at http://documentcloud.github.com/backbone/#Sync for maybe overriding the AJAX calls - but that seems quite extreme for this simple task.

Does anyone have any experience with running Devise token_authentication and Backbone.js?

解决方案

Why don't append it to all of your jquery ajax requests. It will add the auth_token to all of your ajax calls over jQuery. That might be useful when working directly with jQuery ajax (or libs that do so). But this might be a security issue as well (when you have ajax calls to other sites...).

// this is untested
$.ajaxSetup({ beforeSend : function(xhr, settings){

  // just because the auth_token is a private information
  if(!settings.crossDomain) {

    // parse data object
    var dataobj = JSON.parse(xhr.data);

    // add authentication token to the data object
    dataobj.auth_token = AUTHENTICATION_TOKEN;

    // save the dataobject into the jqXHR object
    xhr.data = JSON.stringify(dataobj);

  }
}});


Another approach may be to write that token into the header and process it on the server side:

// thats not beautiful
$.ajaxSetup({ headers : { "auth_token" : AUTHENTICATION_TOKEN } });

这篇关于如何使用和Rails,制定和Backbone.js的令牌认证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

07-20 17:48