RESTful Web API Design with Node.js by Valentin Bojinov

Chapter 6. Keeping the Bad Guys Out

Once deployed in production, an application will be exposed to a large number of requests. Inevitably, some of them will be malicious. This brings the requirement of granting explicit access permissions, that is, authenticating a selected number of consumers to have access to your service. Most of the consumers will use the service only to read data. However, a few will need to be able to modify the exposed contacts' data. To ensure that only appropriate consumers are able to execute POST, PUT, and DELETE requests, we will have to introduce the concept of authorization into our application, granting modification permissions only to explicitly selected users.
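The split between authentication and authorization described above can be sketched as follows. This is an added example, not code from the book: the user names, passwords, and the function names `authenticate` and `accessStatus` are assumptions, and HTTP Basic credentials are used only to keep the sketch self-contained.

```javascript
// Added example: constructed users and policy, not code from the book.
const crypto = require('crypto');

// Fail closed: anything that is not a read (POST, PUT, DELETE, ...) is a write.
const READ_METHODS = new Set(['GET', 'HEAD']);
const DUMMY_SALT = crypto.randomBytes(16); // hashed for unknown users too

// Store a salted scrypt hash, never the plaintext password.
const hashPassword = (password, salt) => crypto.scryptSync(password, salt, 32);

// Constructed sample consumers; only "admin" may modify contacts.
const users = new Map();
function addUser(name, password, canModify) {
  const salt = crypto.randomBytes(16);
  users.set(name, { salt, hash: hashPassword(password, salt), canModify });
}
addUser('reader', 'reader-pass', false);
addUser('admin', 'admin-pass', true);

// Authentication: who is calling? Parses "Authorization: Basic <base64>".
function authenticate(headers) {
  const match = /^Basic ([A-Za-z0-9+/]+={0,2})$/.exec(headers.authorization || '');
  if (!match) return null;
  const decoded = Buffer.from(match[1], 'base64').toString('utf8');
  const sep = decoded.indexOf(':');
  if (sep < 0) return null;
  const name = decoded.slice(0, sep);
  const user = users.get(name);
  // Hash even when the user is unknown so both paths do similar work.
  const candidate = hashPassword(decoded.slice(sep + 1), user ? user.salt : DUMMY_SALT);
  const ok = user !== undefined && crypto.timingSafeEqual(candidate, user.hash);
  return ok ? { name, canModify: user.canModify } : null;
}

// Authorization: may this caller use this method? Returns the HTTP status.
function accessStatus(method, headers) {
  const user = authenticate(headers);
  if (!user) return 401; // missing or invalid credentials
  if (!READ_METHODS.has(method.toUpperCase()) && !user.canModify) return 403;
  return 200; // the request may proceed to the route handler
}
```

A 401 tells the consumer to authenticate, while a 403 tells an authenticated consumer that it lacks modification permission. Basic credentials are only base64-encoded, so this scheme is suitable only over TLS.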

As the contact ...
