Let say that I have a website with some information that could be access externally. Those information need to be only change byt the respected client. Example: Google Analytic or WordPress API key. How can I create a system that work like that (no matter the programming language)?
+1
A:
Simple:
- Generate a key for each user
- Deny access for each request without this key
rassie
2008-09-16 21:25:06
A:
A good way of generating a key would be to store a GUID (Globally Unique Identifier) on each user record n the database. GUID is going to be unique and almost impossible to guess.
digiguru
2008-09-16 21:27:19
+5
A:
A number of smart people are working on a standard, and it's called OAuth. It already has a number of sample implementations, so it's pretty easy to get started.
Aeon
2008-09-16 21:28:59
Agreed. Pownce.com and many other have successfully implemented/produced OAuth, and its the best way, IMO, to get the results your after.
bryanpearson
2008-09-16 21:35:50
The website of OAuth explain well the situation. Thx for the solution.
Daok
2008-09-16 21:36:54
A:
Currently, I use a concatenation of multiple MD5s with a salt. The MD5s are generated off of various concatenations of user data.
Ian P
2008-09-16 21:30:18