views:

22

answers:

1

Hi stackworld,

Well heres my question.

In my project im using a rest service to authenticate clients. That part is ok as I have used a simple authentication by hashing a user id and a password together. After the authentication I want to open to the users few other rest services through the modular scheme in zend framework.

I am currently having the following directory structure,

Default/
       IndexController
       ErrorController
       LoginController
Modules/
       player/...
       game/...

So the users will not be able to access player api if the initial login that they did is successful. Its almost as if I have to keep a session variable to check if the users have authenticated initially before using the other rest services. How can I go about doing this ?

+1  A: 

You can either store a cookie/session variable that the user must pass along with their request, or you can assign them a token that they must pass along with their request. It's more "restful" if you use a token instead of a cookie.

Andrew
the other way i was planing on doing in the end was to use a plugin to confirm the authentication everytime. which will avoid the token or session setting. all i wanted to do after all was to stop the api from opening to the whole world without some sort of auth.
kuzyt