Would anyone have any insights on how best to create an authenticated RSS feed?

The simplest solution might be to have a required URL parameter that would use a custom data source to determine whether the URL parameter matched a predetermined hash. If the hash matched, the data source would return the requested RSS feed. If not, a 403 error page would be returned.

The best thought that I had so far was to set a number of required URL parameters, to make this approach even more robust. So the URL parameters could be something like: category/username/email/id/hash.

If the values of the URL parameters match the values associated with a particular user, the RSS feed would be returned. Would this be a good approach?

For this solution, the Hash Field extension came in really handy. I won't elaborate too much on the exact solution I used to keep the implementation a little more secure, but it appears to work quite well.

Create an account or sign in to comment.

Symphony • Open Source XSLT CMS

Server Requirements

  • PHP 5.3-5.6 or 7.0-7.3
  • PHP's LibXML module, with the XSLT extension enabled (--with-xsl)
  • MySQL 5.5 or above
  • An Apache or Litespeed webserver
  • Apache's mod_rewrite module or equivalent

Compatible Hosts

Sign in

Login details