Can a local html5 application have an asp.net session? (local webapp for iPhone)

Question

Can a local html5 application have an asp.net session? (local webapp for iPhone)

Context:

I am actually developing a small web application (C # / MVC2). Users will use their iPhone (and possibly Android phones in the future) to access it.

This is quite simple at the moment (it just shows some information and reports from our ERP client), and I decided to try creating a local webapp that users could add to their iPhone so that they have an icon for this and, most importantly, most files are locally cached, so using json from the server only the relevant data is received.

Problem:

To authenticate users, a small form requests a username and password and sends them to the server via ajax, which, in turn, verifies the user and sets authcookie. If the application is run in Safari, everything works fine, but if it runs locally (that is, in Mobile Safari directly from the icon), the server correctly checks the user, but this check is lost when the next ajax call to restore data.

Does this mean that the session cookie is not supported by Mobile Safari in webapps? Am I doing it wrong?

And most importantly: what is the best way to authenticate users in a local webapp that accesses remote data?

+5

html5 iphone asp.net-mvc mobile-safari

salgiza Sep 08 '10 at 15:34

source share

4

Cat Chen · Answer 1 · 2011-02-23T12:36:11+0000

, webapp. , HTTP-, localhost.

, http://localhost http://yourwebsite.com, localhost yourwebsite.com. , OAuth , .

webapp - . yourwebsite.com OAuth. , yourwebsite.com, localhost .

Ben · Answer 2 · 2011-06-15T20:47:06+0000

( , , ...)

Mobile Safari -, " " (.. -, iOS).

, , cookie, , Mobile Safari ? , : Mobile Safari, , .

, , , / , , VPN ? ( -).

Linus Unnebäck · Answer 3 · 2011-06-24T09:17:06+0000

, cookie, ajax- , "authcookie". localStorage .

http://dev.w3.org/html5/webstorage/

, -, (X- ) GET- URL-.

softawareblog.com · Answer 4 · 2015-02-10T10:17:40+0000

: http://www.asp.net/web-api/overview/security/individual-accounts-in-web-api

HTTP-

:

var loginData = {
    grant_type: 'password',
    username: ...,
    password: ...
};

$.ajax({
    type: 'POST',
    url: '/Token',
    data: loginData
}).done(function (data) {
    // Cache the access token in session storage.
    sessionStorage.setItem(tokenKey, data.access_token);
});

:

// If we already have a bearer token, set the Authorization header.
var token = sessionStorage.getItem(tokenKey);
var headers = {};
if (token) {
    headers.Authorization = 'Bearer ' + token;
}

$.ajax({
type: 'GET',
url: 'api/values/1',
headers: headers
}).done(function (data) {});

If you do not plan to use the web API, you must create your own token and put it in each data request

Can a local html5 application have an asp.net session? (local webapp for iPhone)

More articles: