I make my REST API for Android application.

I want the login and token to be transmitted to the server via url as follows: login: token@mysite.com/index.php

The URL specification allows you to: https://habrastorage.org/files/373/2b3/3fd/3732b33fd43043049c18e3c108bc9d1a.jpg

The question is, how, where does this data go (login: token) and, most importantly, how can you get it in the index.php script?

What did to solve:
1. rummaged the floor of Google
2. Dropped out all the superglobal PHP variables ($ _SERVER, $ _POST, and so on)

  • There is a key element SCHEME , depending on it, you can do so or not. What is the difference between what you want and for example pass the login and pass through _GET ? only the appearance, the client still does not see what the difference is ... - Manitikyl 2:28 pm
  • With Rest and in general with http entrails, I met a few days ago. From topics in various forums and posts I realized that Rest uses query methods (get, post, etc.) to identify the action that I want to perform on the server side. From this I concluded that if I send, for example, using the DELETE method, I cannot send data about the user with it. If you are well versed in this, please push me in the right direction for reflection. Thank! :) - W0lfEnd 3:07 pm
  • Read about Basic Auth and its implementation in php - ArchDemon

1 answer 1

The secret here is that the URL to the server is not transmitted . This is just a more or less convenient way to pack disparate parameters in one line. Which client disassembles, and uses to connect to the server. And some parameters (for example, fragment) never get to the server at all.

To get the username and password from this line, the server must initiate HTTP Basic Authentication. If the client receives such a request, then in response will send a login and password.