nodeJS and Web APIs
Follow
Find tag "REST"
35.1K views | +59 today
nodeJS and Web APIs
about node.js and Web APIs
Your new post is loading...
Your new post is loading...
Rescooped by Srdjan Strbanovic from Dev Breakthroughs
Scoop.it!

A new Internet-Draft for "RESTful Authentication Pattern"

This document proposes a "RESTful" pattern of authentication for HTTP/1.0, 1.1, and 2.0. The existing 401 status code and WWW-Authenticate header are used to indicate that authentication is required and for negotiation purposes. The client POSTs an initial authentication message to an indicated login URI, and reply messages are returned as new representations of a session resource named by a session URI.

 

This approach has a number of benefits: it can be implemented with or without help from the HTTP stack, it can be universally implemented on the server side using the Common Information Gateway (CGI) and FastCGI, it results in a session Uniform Resource Identifier (URI) that can be DELETEd to logout, it is completely orthogonal to any HTTP "routers" and proxies, and it naturally (i.e., without changing HTTP) handles multi-legged authentication mechanisms.

 

Among other features supported are: channel binding, an optional round trip optimization for challenge/response mechanisms, somecryptographic protection options for clients that don't use Transport Layer Security (TLS), stronger authentication of servers/services to users (where authentication mechanisms provide that) and more.


Via Nicolas Weil
more...
No comment yet.
Rescooped by Srdjan Strbanovic from Dev Breakthroughs
Scoop.it!

Combining HTML Hypermedia APIs and Adaptive Web Design

Combining HTML Hypermedia APIs and Adaptive Web Design | nodeJS and Web APIs | Scoop.it

HTML is the lowest common denominator in a world were the number of devices are steadily growing. In such a world, our API should be hypermedia driven and we should consider choosing HTML as the media type for our APIs. If we choose this, we can enhance the API with CSS and JavaScript, making the API human-friendly as well. Further, we can use Adaptive Web Design to make the best possible experience for all types of browsers and devices.

 

This kind of solution has some risks and technical issues related to it though. And it is not a silver bullet.


Via Nicolas Weil
more...
No comment yet.