greptilian logo

IRC log for #rest, 2014-06-21

https://trygvis.io/rest-wiki/

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

All times shown according to UTC.

Time S Nick Message
02:38 wilmoore joined #rest
09:23 wilmoore joined #rest
09:58 DrCode joined #rest
15:18 licyeus joined #rest
16:08 graste joined #rest
16:24 Left_Turn joined #rest
17:06 licyeus joined #rest
17:14 danielemm joined #rest
17:18 danielemm hi guys. I would to make a simple RESTful service for a mobile app. My idea is to avoid OAuth and use hmac authentication. I've found several articles online but I'm still a bit confused abour registration process. How can I deal a new user registration? A request should include both new username and password... but it seems to be so insecure....any idea?
17:18 spaceone insecure?
17:19 spaceone force HTTPS
17:21 danielemm The idea is this. Both client and server has the private key. On user registration I could encrypt username and password and send it with my request to the server (using the hmac approach). If it's okay I reply to the client OK and I can pass user/pass encrypted (or a md5 of both) at each other new request
17:21 danielemm it should be okay
17:22 spaceone i don't understand the md5 thing
17:22 danielemm it's to avoid to send user+pass each time
17:23 spaceone yes
18:01 HighBit joined #rest
18:19 danielemm2 joined #rest
19:51 wilmoore joined #rest
20:00 spaceone self descriptive messages means that the message which is transferred between two components contains not only data but also metadata, metadata about the metadata / controldata... anything more?
20:53 graste joined #rest
21:20 HighBit joined #rest
22:08 HighBit joined #rest
22:40 HighBit joined #rest

| Channels | #rest index | Today | | Search | Google Search | Plain-Text | plain, newest first | summary

https://trygvis.io/rest-wiki/