iPhone/iPad(iOS) 到 MySQL 服务器 - 数据处理
我想开发一个应用程序来与网络服务器通信。 我有一个网络服务器,其中包含我想要加载到 iOS 设备上的数据。
我的目标是:
- 我启动应用程序
- 登录网络服务器(如果我之前连接过网络服务器,则可以离线使用)
- 处理我的数据,阅读我的新闻等,更改任何数据(在线和离线)
- 在使用应用程序时检查是否有任何数据发生更改,并将更改“snyc”或“上传”到网络服务器
*The Data's are only text, no images, no files at the moment*
现在我的问题是,哪种方式最适合我的应用程序?
我的网络服务器应该使用哪个 API 来与 iOS 设备通信?
- 我读过很多 XML 和 JSON,可能 JSON 是在网络服务器和 iOS 上使用它最快、最简单的。
我如何离线使用该应用程序并在更改时解析它?如果有任何变化,我如何同步它?
如何解决登录、如何认证?我认为这是一个非常重要的安全点。
我认为仅使用 Request 工作效率不高,因为有很多数据。
感谢您的任何建议,
刷子51
i want to develop an app to communicate with a webserver.
I have an webserver with data's which i want to load on iOS devices.
My aim is:
- I start the app
- Login to the Webserver (or use offline if i have connected to the webserver before)
- Handle my data, read my news and so on, change any data(Online and Offline)
- Check while working with the app, if any data's changed and 'snyc' or 'upload' the changes to the webserver
*The Data's are only text, no images, no files at the moment*
Now my question is, which is the best way for my app?
Which API should i use for my webserver to communicate with the iOS device?
- I have read a lot of XML and JSON and may JSON would be the fastest and easiest to use it on a webserver and on iOS.
How can i use the App offline and parse it on changes? And if anything changes, how can i sync it?
How should i solve the login, how to authenticate? i think this is a very important point of security.
To work only with Request would not be efficient, i think, because there are a lot of data's.
Thanks for any recommandations,
brush51
对于通信,请考虑使用 ASIHTTPRequest 之类的库。
数据格式(JSON、XML)完全取决于您。我喜欢 JSON,而且它现在确实很流行。
至于身份验证,请考虑使用 https:// 请求来保护通信。通过 https 发送用户名/密码,然后分配带有身份验证令牌的 cookie。在后续请求中,身份验证令牌将在 cookie 中(自动)发送,并且如果您使用 https://,则身份验证令牌将被加密。您的 api 需要确保 cookie 中的身份验证令牌是合法的,然后进行处理。
这是我过去使用过的一种安全方法,而且效果很好。您可以阅读很多关于如何保护通信安全的好文章。
查看保护 REST API/Web 服务的最佳实践
另请参阅如何创建完全安全的 Cookie
For communication, consider using a library like ASIHTTPRequest.
The data format (JSON, XML) is really up to you. I like JSON and it is trendy at the moment for sure.
As far as authentication, consider using https:// requests to secure the communication. Send the username / password over https and then assign a cookie with an authentication token. On subsequent requests the authentication token will be sent along in the cookie (automatically) and will be encrypted if you are using https://. Your api's will need to make sure the authentication token in the cookie is legit, then do the processing.
That's one approach on security I've used in the past and it works well. There are a lot of good articles you can read on how to secure your communication.
Take a look at Best Practices for securing a REST API / web service
Also see How to Create Totally Secure Cookies