The basic auth simple point is that each time the API is requested to provide the user's username and password.
。 The advantages and disadvantages of this approach are obvious.
Advantages:
u use very simple,
u Development and debugging work is simple,
U do not have complex page jump logic and interactive process;
U more advantageous to the initiator control;
Disadvantages:
U Low security, each time you need to pass the user name and password, user name and password to a large extent, there is the possibility of eavesdropping;
You also need to save the user name and password, in the application of its own security, there are a lot of problems;
U open platform service provider for its own security considerations (third party can get the user's account password, for the service provider is a security risk), the future will also limit this authentication method (Twitter is scheduled to stop the support of basic Auth in June)
If you change the user name and password, you will also need to restart the password verification process.
It's just that every time a request is requested, the header headers add a username and password message after Base64 encryption.
JQ provides us with a very simple way:
$.ajax ({
URL: ' 1.php ',
ContentType: "Application/json",
DataType: "JSON",
Username: ' Admin ',
Password: ' 123456 ',
Type: "Get",
Success:function (data) {}
})
Quite simply, JQ has been encapsulated, and we just need to pass in the parameters username and password.
The following way is also the line, more directly reflects how basic is combined, which Btoa is the conversion of Base64 method, specific you can Baidu.
$.ajax ({
Type: "Get",
URL: "index1.php",
DataType: ' JSON ',
Async:false,
Headers: {
"Authorization": "Basic" + btoa (USERNAME + ":" + PASSWORD)
},
Data: ' {' comment '} ',
Success:function () {
Alert (' for your comment! ');
}
});