使用 eve 限制用户访问
Using eve to limit user access
我的 API 中有两个不同的对象,我们可以将它们称为用户作为任务。我想调整 API 以便用户只能访问与他们关联的任务,但管理员可以访问所有任务。我将如何检查以确保他们请求的内容与他们的用户名匹配?我按照 http://code.tutsplus.com/tutorials/building-rest-apis-using-eve--cms-22961 登录,但我希望能够创建一个更全面的 API.
你可以求助于User Restricted Resource Access
When this feature is enabled, each stored document is associated with the account that created it. This allows the API to transparently serve only account-created documents on all kinds of requests: read, edit, delete and of course create. User authentication needs to be enabled for this to work properly.
参见上面 link 处的相关文档。
我的 API 中有两个不同的对象,我们可以将它们称为用户作为任务。我想调整 API 以便用户只能访问与他们关联的任务,但管理员可以访问所有任务。我将如何检查以确保他们请求的内容与他们的用户名匹配?我按照 http://code.tutsplus.com/tutorials/building-rest-apis-using-eve--cms-22961 登录,但我希望能够创建一个更全面的 API.
你可以求助于User Restricted Resource Access
When this feature is enabled, each stored document is associated with the account that created it. This allows the API to transparently serve only account-created documents on all kinds of requests: read, edit, delete and of course create. User authentication needs to be enabled for this to work properly.
参见上面 link 处的相关文档。