douju3911 2012-01-06 14:03
浏览 93
已采纳

XCode,身份验证和NSUserDefaults

I am developing an App that will interface with a web server (PHP with MySQL back end) using web views. I have the application working with static URL's as tests, but now I need to adjust for actual user interaction.

I have been looking for solutions to HTTP authentication but believe the phrase to be incorrect as most of the search results I get are all related to "REST" requests. I will be using a URL (PHP / MySQL) to validate authentication and do not believe that qualifies as REST based on my experience.

I do not have SSL as of yet on this server so I am not sure what options are available via Cocoa.

Questions I have:

  1. Is there a way to create a View that loads if the account ID isn't already stored locally?

  2. If so, can i code the app to supersede the storyboard I have created if authentication is needed?

  3. If step 1 and 2 work, how can I interface with my web server to authenticate? ( preferred method is to submit user email and the MD5 of the password as that is what is currently stored in the database)

Ideally i would love to just submit a url like "login.php?login=me@blah.com&password=(md5hash)" and have the provided response either give me "auth=true&accountID=5" or "auth=false" ... then use the iPhone app to either report an auth error to the user or save the account id to NSUserDefaults for future use (to bypass auth later) and load the normal storyboard already in place.

Any recommendations would be appreciated.

Thanks,

Silver Tiger

  • 写回答

2条回答 默认 最新

  • douyan6742 2012-01-06 15:13
    关注

    You are pretty close with your thinking. I use a very similar approach to my user login process.

    I currently salt and hash the email and password into 1 40 char token. If the login returns successful, I save the token to NSUserDefaults. I use this token for all other web requests going forward until the user logs out, at which time I delete the user defaults.

    Here are a few snippets I use for the same process:

    // see if a login already exists
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
self.token = [defaults stringForKey:@"token"];

// if the token is nil/blank, launch login view
if(self.token == nil || [self.token isEqualToString:@""]) {
    [self loadStartView];
    return;
}

// build the request to update status
[[NSHTTPCookieStorage sharedHTTPCookieStorage] setCookieAcceptPolicy:NSHTTPCookieAcceptPolicyNever];
NSString *stringData = [NSString stringWithFormat:@"<your api string here"];
NSString *requestData = stringData;
NSData *myRequestData = [NSData dataWithBytes: [requestData UTF8String] length: [requestData length]];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL: [NSURL URLWithString:[NSString  stringWithFormat:@"<your url request here>"]]];
[request setHTTPMethod: @"POST"];
[request setHTTPBody: myRequestData];
NSData *jsonData = [NSURLConnection sendSynchronousRequest: request returningResponse: nil error: nil];
NSString *json = [[[NSString alloc] initWithData:jsonData encoding:NSUTF8StringEncoding] autorelease];
NSDictionary *payloadData = [json JSONValue];

[request release];

if([[payloadData objectForKey:@"success"] boolValue]) { // this is designed around my api, but you get the idea
    //NSLog(@"updateStatus: %@", payloadData);
    // updates the api version for every call
    [defaults setObject:self.token forKey:@"token"];
}
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 Oracle中如何从clob类型截取特定字符串后面的字符
  • ¥15 想通过pywinauto自动电机应用程序按钮,但是找不到应用程序按钮信息
  • ¥15 MATLAB中streamslice问题
  • ¥15 如何在炒股软件中,爬到我想看的日k线
  • ¥15 seatunnel 怎么配置Elasticsearch
  • ¥15 PSCAD安装问题 ERROR: Visual Studio 2013, 2015, 2017 or 2019 is not found in the system.
  • ¥15 (标签-MATLAB|关键词-多址)
  • ¥15 关于#MATLAB#的问题,如何解决?(相关搜索:信噪比,系统容量)
  • ¥500 52810做蓝牙接受端
  • ¥15 基于PLC的三轴机械手程序