I am developing an iOS (Swift) application using third-party (facebook) authentication. I came across a question of how I can drop an access token from facebook to my own server.
I wrote something like below.
Alamofire.request(.POST, "https://example.com/user/fb", access_token: facebook_access_token)
but I'm not sure if this is safe enough. Not only that, when I implement the email login and password, I wrote something like below.
var user = [email: "ex@mple.com", pass: "password"]
Alamofire.request(.POST, "https://example.com/user/", user: user)
How safe are they? Or, if there are best practices, please let me know. Thank!
source
share