需要通过 iOS SDK 在我的服务器上使用 JSON 对用户进行身份验证

Need to authenticate a user using JSON on my server with iOS SDK(需要通过 iOS SDK 在我的服务器上使用 JSON 对用户进行身份验证)
本文介绍了需要通过 iOS SDK 在我的服务器上使用 JSON 对用户进行身份验证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着跟版网的小编来一起学习吧!

问题描述

我现在只在 iOS 应用上工作了几个星期,所以请耐心等待.我希望我的应用程序的第一个屏幕是使用电子邮件地址和密码登录.我设置了视图,但是我不确定存储身份验证的最佳方式是什么.

I've only been working on an iOS app now for a couple weeks so bear with me. I want my app's first screen to be a login with email address and password. I got the view set up however I'm just not sure what's the best way to store the authentication.

身份验证本身将在服务器端处理.当用户输入他们的电子邮件和密码时,它将运行连接到我的服务器并在失败与否时返回 JSON.如果成功,我会返回我需要的任何东西.

The authentication itself will be handled server side. When the user enters their email and password, it will run connect to my server and return JSON if it failed or not. If it is successful I will return whatever I need.

问题是,我应该存储哪些信息以及存储在哪里?我应该将他们的用户 ID 和密码存储为 md5 字符串吗?然后每次我调用服务器时,我都可以传递他们的用户 ID 和 md5 字符串来验证他们是否有访问权限.这样做有意义吗?

The question is, what information should I store and where do I store it? Should I store their user id and their password as a md5 string? Then every time I make a call to the server I can pass their user id and md5 string to verify if they have access. Does that make sense to do?

推荐答案

是的,您应该将凭据存储在设备上.这样,当服务器上的会话过期时,可以立即重新验证用户.(请记住,这比每次都强制用户登录更不安全,因为如果用户丢失了手机,任何找到手机的人都可以访问他的帐户.)

Yes, you should store the credentials on the device. That way, when the session expires on the server, the user can be immediately re-authenticated. (Keep in mind, this is less secure than forcing the user to log in each time, because if the user looses his phone, anyone who finds it could have access to his account.)

只需将电子邮件地址和密码存储在 SQLite 表、plist、文本文件或您想要的任何内容中.最好对密码进行加密,即使没有其他应用程序能够访问您存储密码的文件.

Just store the email address and password in an SQLite table, a plist, a text file, or whatever you want. It's probably best to encrypt the password, even though no other applications will be able to access the file you store it in.

顺便说一句,您不必在每次请求时都将凭据传递给服务器.我不知道您在服务器端使用什么,但您可以将其设置为使用会话,因此他们的用户将在必须重新验证之前停留一段时间.这是我用来发送凭据的一些代码:

Btw, you don't necessarily have to pass the credentials to the server with every request. I don't know what you are using on the server side, but you can set it up to use sessions, so they user will stay longed in for a while before having to re-authenticate. Here is some code I have used to send credentials:

NSURLConnection *connection;
NSString *url = [NSString stringWithFormat:@"http://example.com/service/authenticate.ashx"];
NSString *username = [self.usernameField.text stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSString *password = [self.passwordField.text stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
NSMutableString* requestURL = [[NSMutableString alloc] initWithString:url];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL: [NSURL URLWithString: [NSString stringWithString:requestURL]]];
[request setHTTPMethod: @"POST"];
[request setValue:@"application/x-www-form-urlencoded" forHTTPHeaderField:@"content-type"];
[request setHTTPBody:[[NSString stringWithFormat:@"username=%@&password=%@", username, password] dataUsingEncoding:NSUTF8StringEncoding]];
connection = [[NSURLConnection alloc] initWithRequest:request delegate:self];

该 NSURLConnection 对象将管理 cookie 并保持用户登录,因此您可以使用它继续向服务器发送请求,直到会话过期.

That NSURLConnection object will manage the cookie and keep the user logged in, so you can use it to keep sending requests to the server until the session expires.

这篇关于需要通过 iOS SDK 在我的服务器上使用 JSON 对用户进行身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!

本站部分内容来源互联网,如果有图片或者内容侵犯了您的权益,请联系我们,我们会在确认后第一时间进行删除!

相关文档推荐

Pop up dialog in Android home screen(在 Android 主屏幕中弹出对话框)
Android - Executing a custom listview in a custom dialog properly(Android - 在自定义对话框中正确执行自定义列表视图)
Suppressing Google Maps Intent Selection Dialog(禁止谷歌地图意图选择对话框)
Creating a custom dialog in Android(在 Android 中创建自定义对话框)
Dialog.show() vs. Activity.showDialog()(Dialog.show() 与 Activity.showDialog())
How to create dialog which will be full in horizontal dimension(如何创建将在水平维度上充满的对话框)