[Flow] Implementing API key security in a Flow application
Søren Malling
soren.malling at gmail.com
Thu Oct 24 10:47:24 CEST 2013
Hi,
I'm developing a Flow application, where we have a Rest API.
For that purpose we will only accept request with a correct API key send
along with the request.
For this purpose I thought about adding it as a firewall filter like
described in the documentation
http://docs.typo3.org/flow/TYPO3FlowDocumentation/stable/TheDefinitiveGuide/PartIII/Security.html
So I've created a Api interceptor and a voter (based on the AccessDeny
classes), but I'm kinda stucked here.. In which one of these to should I
implement the API key check? And how can I access the current request to
get the controller and method name trying to be accessed?
I hope you can help me in some direction
Cheers
Søren
More information about the Flow
mailing list