April 2018
Beginner to intermediate
406 pages
9h 33m
English
Allowing API access without any sort of restrictions or authentication can actually be very dangerous for the long-term health of your application. Without a means of restricting access, you are very prone to bad actors coming along and disrupting the experience of your application and API for all of the legitimate users of your API, so let's implement a simple HTTP Basic authentication mechanism using the already-established usernames and a new password-like API key.
The flow of our Phoenix application's flow should look something like this:

The good news is that this remains a very simple thing to implement ...