I am looking for best practice prompting user credentials. I must encode the possibility that after a user logs in from the phone, they can log in from another device or web page and change the password. Since I am running BASIC auth, this token will now be incorrect and I will need to handle it accordingly.
I started a new project with AFNetworking. I subclassed AFHTTPClient and I redefined the HTTPRequestOperationWithRequest message to set an authentication block for it after I make the call super. In this block, I have to create a new NSURLCredential object and send it back to the sender. I get so far.
What I do not receive is how I should invite the user. Ideally, I would like to press the login screen on my nav controller with the login button. When you click on the login button, an NSURLCredential will be created and sent back to the sender.
- Do I have to somehow block inside the task block? This does not seem right.
- Should the NSURLAuthenticationChallenge be saved globally? Eww.
- Should I click the login page from my subclass of AFHTTPClient? Looks like I'm breaking the separation of concerns.
- Should I call the AppDelegate application to request the user and pass the NSURLAuthenticationChallenge object to it? Sounds better, but still not sure.
source share