Authenticated RSS Feed
This is an open discussion with 1 reply, filed under General.
Search
For this solution, the Hash Field extension came in really handy. I won't elaborate too much on the exact solution I used to keep the implementation a little more secure, but it appears to work quite well.
Create an account or sign in to comment.
Would anyone have any insights on how best to create an authenticated RSS feed?
The simplest solution might be to have a required URL parameter that would use a custom data source to determine whether the URL parameter matched a predetermined hash. If the hash matched, the data source would return the requested RSS feed. If not, a 403 error page would be returned.
The best thought that I had so far was to set a number of required URL parameters, to make this approach even more robust. So the URL parameters could be something like:
category/username/email/id/hash
.If the values of the URL parameters match the values associated with a particular user, the RSS feed would be returned. Would this be a good approach?