Geek Answers Handbook

Phonegap and jQuery mobile app for using Codeigniter Ion Auth to login

I already have a CRUD web application that is created using the Codeigniter PHP framework and the Ion Auth authentication library (for Codeigniter). Therefore, users need to log in to use the site, etc.

Now I am creating a small mobile application using Phonegap and jQuery mobile, which uses the same backend. The backend has a "REST like" api that handles all ajax requests from the mobile client.

How should I handle user authentication for this mobile application? I want to use as much base code as possible.

I am planning something like this:

  • From the client, send the username and go to the server
  • Return Session ID back to client from server
  • Save client session id (local store)
  • Send this token in each request to the server and check it on the server.

How to do this on the server side? To login, I can use the Codeigniter Ion Auth library login methods and get the Codeigniter session identifier (PHP). In the second query, when the user sends some actual data along with the sessoin identifier, how to check the session identifier? Or is it better to create completely new login functions for authenticating mobile applications than trying to use existing functionality (Codeignitre Ion Auth library)?

All ideas and suggestions are more than welcome!

+7
source share
2 answers

I think the best solution is to simply install middleware between your controllers and the request.

You can do this with Hooks: http://ellislab.com/codeigniter/user-guide/general/hooks.html

Use the pre-controller hook.

To easily manage API requests, play with the HTTP code

  • 404 : element not found (e.g. / client /: id)
  • 500 . The server has problems.
  • 401 : no token
  • 403 . This token does not have access rights to this resource (for example, a simple user who wants to access administration materials).

You have all the codes: http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

Avoid using a complex library when you can make it easier. Hooks are best for me.

I use NodeJS, and the concept is the same with Express middlewares.

+1
source

I developed the same type of application for mobile devices using phonegap and jQuery Mobile and used MySQL db for the external interface of my site, which is on the node js platform, but the general idea of ​​using the API to access all functions is the same.

API call for the server to enter the system and all other operations, such as fetching data, sending data to the server, etc.

If you have an API ready on your server side, then you just need to call these APIs to do everything. First, you can call the API login function and, if successful, pass the username and password, and then return the success token with user_id, which you can save in the local mobile database. I used SQLite for mobile storage.

then for every other request I used this token for authentication and performed an operation on the server.

You can also add an automatic login feature to the application, so you don’t need to log in every time.

0
source

More articles:


All Articles