Website Login

Discussion in 'iOS Programming' started by RagingGoat, Jul 10, 2013.

  1. RagingGoat macrumors 6502

    Joined:
    Jun 21, 2010
    #1
    I would like to add a login page to log into my website from my app but I'm just not sure where to begin. What I'm wanting is to have a view in my app with fields for username and password and a Login button. Obviously it would need to talk to the web server to verify the credentials. If it succeeds, it will take the user to another view with info loaded from their account on the website. It would be similar to banking apps where you log in and then see your account info.

    Can anyone point me to any tutorials or provide me with any advice or info on how to go about accomplishing this? I'm just not quite sure where to begin with it.
     
  2. PhoneyDeveloper macrumors 68030

    PhoneyDeveloper

    Joined:
    Sep 2, 2008
    #2
    Are you displaying the web site in a web view or are you connecting to it with web APIs like a REST API?

    Anyway, look up oauth, oauth2 on wikipedia and go from there.
     
  3. RagingGoat thread starter macrumors 6502

    Joined:
    Jun 21, 2010
  4. PhoneyDeveloper macrumors 68030

    PhoneyDeveloper

    Joined:
    Sep 2, 2008
    #5
    If you want a REST API then you need authentication to be part of that.

    Really you first need to choose a web app platform. That RayWend link uses php. grails is another popular web app platform that seems to be popular these days.

    Each platform will have its preferred ways of doing authentication. The more secure methods will generate a token on the server which is then passed to the client after authentication. The token is passed in the Authentication header in subsequent REST calls.

    Do your best to use pre-existing tried and true methods for authentication. Security is hard. If you're not an expert you shouldn't be trying to implement your own method for authentication. BTW, a quick look at that RayWend article seems to show an inadequate implementation. I think I see a vulnerability to SQL injection.

    These days if you have a web app someone will be trying to hack it.

    I've mostly worked on the client side so can't give too much more advice on implementing the server side.
     

Share This Page