All geek questions in one place

How to save login status using web server in iPhone app?

I just would like to have an iPhone app that logs onto a web server with the username and password entered and then supports this login so that the user can send POST data to the server.

Is it just a cookie issue? If so, how do you check to verify that the user is logged in?

Thanks.

+2
source share
2 answers

Is it not a question of how your server ensures the correctness and durability of logins? The server can be very picky and prevent the login from continuing if it looks like it has been inactive for more than tens of seconds or if the IP address has changed. Some servers may be smaller if you provide the correct session or transaction identifiers. Then there are cookies. It all depends on the server you are accessing.

When you speak:

If so, how do you check to confirm that the user is logged in?

Are you talking about how your iPhone application checks or how the server checks? If with an iPhone, he should try something quick, like a status call, and if the server asks for authentication, then you authenticate. If not, it depends on the server, you can assume that you have already authenticated.

Some applications often use authentication, assuming that the login time is over. Other applications do not like to hold on to the user's password, so they try to do this very rarely, and when they need to, they display the login screen, so they do not need to store the password.

+2
source

If you donโ€™t have control over the web server, and the login process is what I did in one of my applications:

[[NSString alloc] initWithContentsOfURL:someURL usedEncoding:&enc error:&error];

This method already uses cookies, so if you are logged in, you will remain logged in. Suppose the server stores the session identifier in a cookie, and the session identifier is used to identify the user's session (which is the usual way for someone to implement a website).

To check if a user is registered, you simply parse the resulting website. Most websites redirect your request to the login page if the user has not previously logged in.

To clarify the issue, follow these steps:

  • Send a request to any URL that requires login.
  • Check result
  • If the result was a login page โ†’ send user credentials and start from 1.
  • Parse the result
+2
source

Source: https://habr.com/ru/post/926015/

More articles:


All Articles