skip to Main Content

Everything ok?
I created a react application that communicates with a rails api.
It is a very simple application, but there is this communication between react and api.

My question is…
Do I need to create a token of authentication so that third parties do not use my api? Or can I somehow tell my api that it only responds to requests that come from my site?

Thank you for your help!

3

Answers


  1. Chosen as BEST ANSWER

    thank you both that give me some answers.

    I came from work now, and sit to study a little, and I found about CORS. That is exactly what I was looking for.

    Here is a guide specific about a gem that make it in Rails. https://www.stackhawk.com/blog/rails-cors-guide/


    1. Okay let me help you with that. I hope you could create a sever with a URL like this: ‘localhost:3000/api/’ or ‘https://something.api/api’. You can use this API in React by using Axios methods like: axios.get("localhost:3000/api/").

    2. It seems like you want to create a authentication token when someone calling your API. Hence there are several hash libraries are available for creating API tokens according to time, username, etc. You can create it save it to your database. Whenever API call like this ‘https://something.api/api/key=hfudjuh8989’ you can get the key as from params and use it to verify with your database.

    Login or Signup to reply.
  2. Sure, you can create a middleware for your route that checks for that token, but you can also limit the request only to a specific array of client

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search