Allow for HTTP Basic Auth ? #337
Comments
|
This feels like out-of-scope for what this project is trying to solve, but I could be persuaded otherwise if enough users felt the need for something like this. Just worrying about scope creep and the complexities (re: bugs) that other fallback schemes (re: standard devise) have caused. |
|
Fair enough. I just hacked around it in my app with a before_filter. Quick and (very) dirty, but it lets me keep prototyping... |
|
Old thread but just to follow up - I was looking to do this as a way to allow testing during development. Postman for example doesn't seem able to (easily) programmatically sign in and then make a request, so this would be a really nice way to test a stand-alone API endpoint with a single request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is it possible to enable HTTP Basic Auth as a failover when requests don't provide tokens in the headers? Any advice on how to do it?
I tried to figure it out on my own, hoping that the Devise wiki page on Using HTTP Basic Auth would work, but got stumped by conflicts between Devise's authenticate_user! and devise_token_auth's version of the same method.
Why I Want To Do This
In most cases, I want clients to use token authentication, but I also want my users to have the option of using HTTP Basic Authentication (over HTTPS) when they're experimenting with my API or when they are relying on client applications that only support HTTP basic auth.
The text was updated successfully, but these errors were encountered: