当前位置: 文江博客话题详情

在 PHP 服务器上从 iPhone 应用程序进行用户身份验证的良好解决方案

发布于 2024-12-12 09:22:46 字数 222 浏览 1 评论 0原文

我一直在尝试为 iPhone 应用程序实现安全的用户身份验证。我几乎是一个新手。我看到了许多代码片段和不同方式的建议,有些似乎已经过时了。在目前的情况下,什么是一个好的选择? JSON? ASIHTTP 请求?

到目前为止,我还没有找到合适的解决方案。我发现整合不同的想法并提出适合我的需求的解决方案有点困难。如果有人可以分享示例代码或至少向我指出在某处发布的解决方案,那就太好了。提前致谢。

托尼

原文

I have been trying to implement a secure user authentication for an iPhone app. I am pretty much a newbie. I saw many code snippets and suggestions for different ways, and some seemed out dated. In the present scenario, what would be a good option? JSON? ASIHTTPRequest?

Till now, I couldn't find a proper solution for this. I am finding a bit difficult to integrate different ideas and come up with a solution to suit my need. Would be great if someone could share a sample code or at least point me to a solution posted somewhere. Thanks in advance.

Tony

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(2

吃不饱 2024-12-19 09:22:47

我使用它成功地通过 iOS 应用程序对远程 PHP 服务器进行了用户身份验证。有点晚了,但它可能对某人有帮助:

-(void)saveNewUserDetails{
    [[NSUserDefaults standardUserDefaults] setObject:self.username.text forKey:@"userName"];
    [SSKeychain setPassword:self.pwd.text forService:@"MiniCEXReporting" account:self.username.text]; //store securely rather than in NSUserDefaults
    [[NSUserDefaults standardUserDefaults] synchronize];

}

-(void) makeConnection{
    self.activityIndicator.hidden=NO;
    [self.activityIndicator startAnimating];

    receivedData=[[NSMutableData alloc] init];

    NSString *userString=self.username.text;
    postRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://someURLhereWithUsernameappended/%@", userString]]];

    //for the real thing
    //postRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://somsis-dev.leeds.ac.uk/api/minicex/%@", self.username.text]]];

    [postRequest setHTTPMethod:@"POST"];

    NSURLConnection *connection = [[NSURLConnection alloc] initWithRequest:postRequest delegate:self];
    [connection start];    
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    if ([challenge previousFailureCount] == 0) {
        NSLog(@"received authentication challenge");
        NSURLCredential *newCredential = [NSURLCredential credentialWithUser:self.username.text
                                                                    password:self.pwd.text
                                                                 persistence:NSURLCredentialPersistenceForSession];
        NSLog(@"credential created");
        [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
        NSLog(@"responded to authentication challenge");
    }
    else {
        NSLog(@"authentication failure username -%@- with password -%@-", self.username.text, self.pwd.text);
        UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Authentication Error"
                                                        message:@"Please check your username and password"
                                                       delegate:self
                                              cancelButtonTitle:@"Ok"
                                              otherButtonTitles:nil];
        [alert show];
        [self.activityIndicator stopAnimating];
        self.activityIndicator.hidden=YES;
    }
}

I used this to successfully authenticate a user with a remote PHP server from an iOS app. A bit late, but it may help someone:

-(void)saveNewUserDetails{
    [[NSUserDefaults standardUserDefaults] setObject:self.username.text forKey:@"userName"];
    [SSKeychain setPassword:self.pwd.text forService:@"MiniCEXReporting" account:self.username.text]; //store securely rather than in NSUserDefaults
    [[NSUserDefaults standardUserDefaults] synchronize];

}

-(void) makeConnection{
    self.activityIndicator.hidden=NO;
    [self.activityIndicator startAnimating];

    receivedData=[[NSMutableData alloc] init];

    NSString *userString=self.username.text;
    postRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://someURLhereWithUsernameappended/%@", userString]]];

    //for the real thing
    //postRequest = [NSMutableURLRequest requestWithURL:[NSURL URLWithString:[NSString stringWithFormat:@"https://somsis-dev.leeds.ac.uk/api/minicex/%@", self.username.text]]];

    [postRequest setHTTPMethod:@"POST"];

    NSURLConnection *connection = [[NSURLConnection alloc] initWithRequest:postRequest delegate:self];
    [connection start];    
}

- (void)connection:(NSURLConnection *)connection didReceiveAuthenticationChallenge:(NSURLAuthenticationChallenge *)challenge {
    if ([challenge previousFailureCount] == 0) {
        NSLog(@"received authentication challenge");
        NSURLCredential *newCredential = [NSURLCredential credentialWithUser:self.username.text
                                                                    password:self.pwd.text
                                                                 persistence:NSURLCredentialPersistenceForSession];
        NSLog(@"credential created");
        [[challenge sender] useCredential:newCredential forAuthenticationChallenge:challenge];
        NSLog(@"responded to authentication challenge");
    }
    else {
        NSLog(@"authentication failure username -%@- with password -%@-", self.username.text, self.pwd.text);
        UIAlertView *alert = [[UIAlertView alloc] initWithTitle:@"Authentication Error"
                                                        message:@"Please check your username and password"
                                                       delegate:self
                                              cancelButtonTitle:@"Ok"
                                              otherButtonTitles:nil];
        [alert show];
        [self.activityIndicator stopAnimating];
        self.activityIndicator.hidden=YES;
    }
}
回复 原文
-黛色若梦 2024-12-19 09:22:46

您的服务器有什么类型的用户身份验证?您可以使用基本身份验证进行身份验证,这几乎意味着发送 Authorization<每个请求的 /code>标头。

ASIHTTPRequest 具有启用基本身份验证的功能,甚至可以显示登录对话框(如果您是)可以使用它(该项目刚刚停止)。

您显然需要 也在您的服务器上实现基本身份验证

What kind of user authentication does your server have? You could use Basic Auth for authentication, which pretty much means sending the Authorization headers with every request.

ASIHTTPRequest has functionality enabling basic auth and even presenting a login dialog, if you're OK with using that (the project's just been discontinued).

You would obviously need to implement basic authentication on your server as well.

回复 原文
~没有更多了~

关于作者

孤独岁月

暂无简介

0 文章
0 评论
24 人气
发私信

相关话题

更多

热门标签

操作系统 程序设计 IT运维 Linux系统管理 JavaScript 服务器应用 solaris C/C++ PHP Shell BSD Vue.js aix Oracle Python HTML 系统管理 HTML5 CSS 前端
更多

推荐作者

Gabu-gabumon

文章 0 评论 0

qq_CgiN62

文章 0 评论 0

荔枝明

文章 0 评论 0

赏烟花じ飞满天

文章 0 评论 0

独守阴晴ぅ圆缺

文章 0 评论 0

¤→小豸慧

文章 0 评论 0

更多

友情链接

文江博客
    我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
    原文