我正在为我的移动应用程序构建后端系统。我想用基本的HTTP验证来保护内容。基本HTTP身份验证在Google App Engine中不起作用
我写了下面的代码,它在本地主机上运行得如同微风。
if ($_SERVER['PHP_AUTH_USER'] != '[email protected]' && $_SERVER['PHP_AUTH_PW'] != '11test11') {
header('WWW-Authenticate: Basic realm="Denda Backend"');
header('HTTP/1.0 401 Unauthorized');
echo "Wrong credentials :-(";
exit;
}
但是,当我上传应用程序到GAE时,这不起作用。我不断收到相同的对话框。在网上也找不到任何可靠的帮助。
感谢, Krish
我知道这是一个老问题,但它很高兴知道它
if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
$nobasic = substr($_SERVER['HTTP_AUTHORIZATION'],6); // removing 'Basic ' from the string
$decoded = base64_decode($nobasic); // decoding string with user:password
list($client_user, $client_pass) = explode(':',$decoded);
if ($client_user == "user" && $client_pass == "password") {
// Successfully authenticated
} else {
// Authentication failed, username or password are wrong
header('WWW-Authenticate: Basic realm="site"');
header('HTTP/1.0 401 Unauthorized');
echo "Wrong credentials :-(";
exit;
}
} else {
// Not authenticated as there is no appropriate header in HTTP request
header('WWW-Authenticate: Basic realm="site"');
header('HTTP/1.0 401 Unauthorized');
echo "Wrong credentials :-(";
exit;
}