In a previous screencast we set up a simple Rails web service for todos and deployed it to production. But right now there's no authorization on it, which means anyone can come along and modify our data.
Let’s see this problem by sending a POST request to create a todo. We will use the Postman client that we discussed in a previous screencast. Even though we didn't provide any kind of authentication, we were allowed to create a record. That’s a problem.
In this screencast, we’ll use the Doorkeeper gem makes it easy to add authentication to Rails APIs using the OAuth 2 standard.
After this screencast, you’ll be able to:
- Add authentication to your Rails API with very little code.
For the More Curious...Doorkeeper Gem
Transcripts are only available for subscribers. Create an account today to access our collection of screencasts, skill packs, and more.
Project files are only available for subscribers. Create an account today to access our collection of screencasts, skill packs, and more.