How do I allow other sites to receive data from your site?
More details
I am new to RESTful API and Laravel world.
But "Every artist was an amateur at first. Let him get to the point.
I have 2 sites. Let's call it:
-
A
-
B
The website B
has a good list if the table of users + all of its relation.
I want to allow the website A
to access the website B
and download this nice data.
I've never done this. I guess the logic is:
- On the website,
A
you need api_keys to access the websiteB
. - Then, after the api_key matches, the website
B
will return the data to the websiteA
as a json file. - The website
A
will then receive this json file and load it into HTML and render it.
Is my logic even close? Please correct me if I am wrong. :)
Here is what I have tried
After some research, I came across this site . I really liked it. I've finished everything. Now I will get a little sense of the RESTful API.
Then I came across this site . I found this
filters.php
Route::filter('api', function() {
// Fetch a user record based on api key
$user = User::where('api_key', '=', Input::get('api_key'))
->take(1)
->get();
if ($user->count() > 0) {
Auth::onceUsingId($user[0]->id); // Authorize the user for this one request
} else {
return Response::view('errors.404', array(), 404)->header('Content-Type', 'application/json');
}
});
I notice the OP of this saved api_key
in the users table.
My questions
- Do I need to do it like him?
- Is this the only way to do it?
-
Is there a better / easier way to do this?
-
Instead of grabbing the api_key from the database, can I just manually set it to a
random
number + text like this? 21sdf364rt7y6r5ty1u28x1h8gt7yt2ert3654871 ?? - How long will it expire
api_key
? Is it evenexpire
? How do we know this?
Again, my main one goal
is to let the website A
access content from the website B
.
Is my logic even close?
Yes, that's close enough.
So, the main goal is to access the content from website B. You decide for yourself whether the material from B is limited content or not.
If the users who can access the stuff are limited, yes you need api keys.
If the content for site B is public, you can just print the json data without any required api keys like github: https://api.github.com/users/github .
source to share