2

Assuming I want to create an app that allows users to login. The accounts are stored securely in a server. Some pages are also not visible to users who haven't logged in yet. Can someone guide me on how to do so? So like how to deal with "sessions" and all that. How would I do that if the database online is MySQL?

On another note, to implement "OAuth" the database has to be OAuth-compatible, am I right on this? And if so, how would I use OAuth on iOS? Is there an Apple API for that?

I appreciate any help / guidance

Thank you,

darksky
  • 20,411
  • 61
  • 165
  • 254

1 Answers1

5

Let's do this part by part:

  1. It doesn't matter what is powering the server-side of things. Be it MySQL, Oracle, SQLite, if you have a dynamic language that connects to that DB and outputs XML or JSON data, you're set.

  2. Dealing with sessions is easy. You can use NSHTTPCookieStorage to have that handled automatically for you. Because sessions are set via a cookie, any HTTP request will set that cookie locally and send it in future requests.

  3. As far as permissions go, I would do that validation server-side. Because you have the session, and you should know server-side wether the user is logged in or not, just send a list of pages the user can see.

  4. There are a few OAuth libraries you can use. The OAuth project lists a couple that seem straightforward enough to use. If you're looking for Twitter integration however, a question has been asked here with pretty good answers.
  5. Returning to the server-side of things, this can be easily achieved using a dynamic language such as PHP or using the Ruby on Rails framework. RoR is really good in that aspect in the sense that you can quickly bring an API up by using its gems (Devise, OAuth2, etc)
Community
  • 1
  • 1
changelog
  • 4,646
  • 4
  • 35
  • 62
  • Thank you. Just two more questions: 1) How would I send a list of pages that a user can see? Using an RSS feed for example? 2) OAuth has to be set up on the server first, correct? – darksky Jun 20 '11 at 09:45
  • 1
    Yes and yes. RSS feed is a well established format (and you can find loads of tutorials online such as [this one here](http://www.raywenderlich.com/2636/how-to-make-a-simple-rss-reader-iphone-app-tutorial)). Might be a bit of overkill, but it's up to you. OAuth needs to be implemented on server-side first as well. To be fair, I'd make simple sessions work, and then go with OAuth, but it's up to you :-) – changelog Jun 20 '11 at 10:15
  • Yeah - I'll work with simple sessions first before working on OAuth. I'm already an expert is parsing RSS and JSON :) Thank you! – darksky Jun 20 '11 at 12:40