ruby 如何在 Rails 应用程序中使用 httparty 的基本身份验证?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/7627419/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to use basic authentication with httparty in a Rails app?
提问by Dr.Bob
The command line version of 'httparty' with basic authentication works simple and great:
带有基本身份验证的 'httparty' 命令行版本工作简单而出色:
httparty -u username:password http://example.com/api/url
But now I'm looking for the way I can add the basic auth to a HTTParty.get call from within a Rails app. First of all, for testing purposes, I want to hard code the login credentials in the Controller. Just to make sure it works. But I can't find any documentation or examples how you can pass these along.
但是现在我正在寻找可以从 Rails 应用程序中将基本身份验证添加到 HTTParty.get 调用的方法。首先,出于测试目的,我想对控制器中的登录凭据进行硬编码。只是为了确保它有效。但是我找不到任何文档或示例如何传递这些信息。
A HTTParty.get without credentials works fine:
没有凭据的 HTTParty.get 工作正常:
@blah = HTTParty.get("http://twitter.com/statuses/public_timeline.json")
But I don't see how I can make a variation on this that accepts the -u username:passwordpart.
但是我不知道如何对此进行更改以接受-u username:password部分。
The next challenge for me (am very new to Ruby/Rails) is to get the user credentials from a user form and pass it along dynamically, but most important for me now it to get the hard coded version to work.
我的下一个挑战(我对 Ruby/Rails 非常陌生)是从用户表单中获取用户凭据并动态传递它,但现在对我来说最重要的是让硬编码版本工作。
回答by Vasiliy Ermolovich
auth = {:username => "test", :password => "test"}
@blah = HTTParty.get("http://twitter.com/statuses/public_timeline.json",
:basic_auth => auth)
回答by Eric G
Two points,
两点,
If you are hitting Twitter's api, unless I'm mistaken I don't think they allow basic auth anymore :( So you may want to look into something like OmniAuthfor OAuth sign-in. You don't need HTTParty or a sign-in form for this, you link to the Twitter sign-in and the user enters credentials there, then Twitter sends a callback request to your app once authenticated. OmniAuth does most of the work for you, you just pull the info you need out of what it gives you in the callback route.
But even so, you will still need the OAuth 'consumer key' and 'consumer secret' which are specific to your application (how Twitter authorizes your application, as distinguished from the user). And you don't want these, nor any auth keys, in your source code.
如果您正在使用 Twitter 的 api,除非我弄错了,否则我认为他们不再允许基本身份验证 :( 因此您可能需要研究类似OmniAuth的 OAuth 登录。您不需要 HTTParty 或签名-在此表单中,您链接到 Twitter 登录,用户在那里输入凭据,然后 Twitter 在通过身份验证后向您的应用程序发送回调请求。OmniAuth 为您完成大部分工作,您只需从中提取您需要的信息它在回调路由中为您提供了什么。
但即便如此,您仍然需要特定于您的应用程序的 OAuth“消费者密钥”和“消费者秘密”(Twitter 如何授权您的应用程序,区别于用户)。并且您不希望在源代码中使用这些或任何身份验证密钥。
A typical way of doing this is stick them into a config/omniauth.ymlfile which is notchecked in to source control:
这样做的一个典型方法是把它们粘到config/omniauth.yml该文件没有在源代码控制检查:
twitter:
key: CONSUMER_KEY
secret: CONSUMER_SECRET
And then load them in an initializer config/initializers/omniauth.rb:
然后将它们加载到初始化程序中config/initializers/omniauth.rb:
consumers = YAML.load("#{Rails.root}/config/omniauth.yml")
Rails.application.config.middleware.use OmniAuth::Builder do
provider :twitter, consumers['twitter']['key'], consumers['twitter']['secret']
end
You could take a similar approach with loading basic auth username/passwords, just stick them in some object that you'll have access to from wherever you make the HTTParty calls.
您可以采用类似的方法来加载基本身份验证用户名/密码,只需将它们粘贴在某个对象中,您可以从任何进行 HTTParty 调用的地方访问该对象。
