symfony2 rest api conception. Application authentication/ user application authentication

0
votes

I'm working on transforming my classic website to rest API in Symfony 2 world.

First of all I'm doing that because I want to a mobile version of my project (maybe phone gap) but with angularjs. my question actually is what is the difference between my angular application authentication to access my api resources and the authentication of the users of the application.

I'm working with Symfony2 standard edition, Fosrestbundle, FosOauthbundle and Fosuserbundle for user management and JmsSerializerbundle and nelmio.

1
apirestsymfonyoauth-2.0
What you're asking specifically? Have you encountered any issue?Alessandro Lai

1 Answers

1
votes

The key difference is that in a REST context, you have no Session for the user. Every new REST Request should know nothing about the last Request made.

You will typically to authenticate using request headers, typically the WWW-Authenticate header, or by using your own custom headers to support things like several versions, which is a whole different topic.

In general, it doesn't really matter how you chose to authenticate users once the Request hits, you just need to recognize that authentication has to be setup in such a way that doesn't utilize a Session.