I am trying to create an API in Codeigniter, and I want the entire API to be private. What is the best way to authenticate each request?
Is GET passing a username and password good practice… i.e. [B]http://localhost/api/admin/12345/user/get_data/1[/B]
Here is my code, but at the moment I am just hardcoding the passwords, but need to figure out a way to dynamically pass them…
function ci_curl($new_name, $new_email)
{
$username = 'admin';
$password = '1234';
$this->load->library('curl');
$this->curl->create('http://localhost/restserver/index.php/example_api/user/id/1/format/json');
// Optional, delete this line if your API is open
$this->curl->http_login($username, $password);
$this->curl->post(array(
'name' => $new_name,
'email' => $new_email
));
$result = json_decode($this->curl->execute());
if(isset($result->status) && $result->status == 'success')
{
echo 'User has been updated.';
}
else
{
echo 'Something has gone wrong';
}
}