Chapter 4 Logged user

Question

Chapter 4 Logged user

notapatch opened this issue 5 years ago · 3 comments

Logged user
So we implemented the following logic: API returns the authentication token to the client if credentials are correct.
We will now implement the following logic: we’ll find the corresponding user of an authentication token given into the HTTP header. We’ll need to do so each time this client requests a protected page.

My question is: Do you mean "protected page"? Protected pages make sense in a standard Rails application but I'm confused about how an API app has pages. I was wondering if it might be better described as:

We’ll need to do so each time a client request requires permission.

Otherwise authorization?

Answer 1 · 2020-01-04T13:29:15.000Z

Thank you for report. You totally right. Maybe the perfect

- We’ll need to do so each time this client requests a protected page.
+ We’ll need to do so each time this client requests an entry point who requires permission.

What do you think about?

Answer 2 · 2020-01-04T14:15:10.000Z

+ We’ll need to do so each time this client requests an entry point who requires permission.

Swap who to which and we're good 👍

We’ll need to do so each time this client requests an entry point which requires permission.

who vs which

Answer 3 · 2020-01-09T11:56:27.000Z

Thank you for report this. I corrected on 74efcea