iphone - http authentication in devise and rails 3 -

-

I have an application which is planning on Rail 3. I would like to enable HTTP Authentication so that I can authenticate my web app from an iPhone app

Is it safe or should I have a different authenticity?

From the design point view you get 3 options:

1) Basic Use HTTP authentication: Your iPhone app is a secret key - cooked in your iPhone app code - which uses the web app to authenticate each request Google Search: "Prepare Basic HTTP Authentication"

2) You have a public certificate in your iPhone app and a private server on your web app. You can use the https through Ifikets. It's a lot of work to configure properly, because your iPhone app and the rail server are exchanging messages on an encrypted channel, it's very safe. Authentication is done at the transport level, hence the security is also transparent for your railway code.

3) The iPhone app connects to the web app using https, receives an authentication token that it regularly uses to call the web app at http. 1, because the key may end, there is quite a lot more scalable for implementation.

To implement the HIP authentication (either basic or digest) I recommend that you will see.

At:

And

The exact steps will depend on your rail server stack.

EDIT 2: I do not think Devise provides a way to get AUTH_Token. I can see that you can try several solutions:

  • When the user logs in to the server, then retrieves the authentication_token and puts it in the cookie until you share it Do not encrypt with the secret key, until it is not very secure.

  • You can provide an https web service that uses your iPhone app to obtain a user token.

    Sorry, I can not do much more with actual code.

Comments

Post a Comment

Popular posts from this blog

qt - switch/case statement in C++ with a QString type -

-
I want to use switch-case in my program but the compiler generates an error. How can I use the switch statement with QString ? The compiler gives me this error: The expression of the switch type 'QString' is invalid My code is as follows : boolStopWord (the word QString) {bool flag = false; Switch (word) {case "the": flag = true; break ; "On" case: flag = true; break ; Case "in": flag = true; break ; Case "your": flag = true; break ; Case "near": flag = true; break ; Case "all": flag = true; break ; Case "this": flag = true; break ; } Return flag; } How do I use the switch statement with a Caststring ? You can not use the switch statement in C ++ language with integral or enum types. You can formally enter the square type of object in the switch statement, but this means that the compiler will look for a user-defined conversion to convert it to an integral or enum type.
Read more

python - sqlite3.OperationalError: near "REFERENCES": syntax error - foreign key creating -

-
I'm trying to create a predefined key after checking the manual and I wrote it: Db.execute ("create table" Table 2 (id, integer primary key, somedata integer) "db.execute" (table creation table 2 does not exist (name text, maintain reference (id) ") and found this: sqlite 3. Operation error: near" references ": syntax error Your second ligne is wrong db.execute ("create table if table does not exist 2 (name text, my_id integer, foreign key (my_id) reference Maintenance (ID)) ") as explained
Read more

Python's equivalent for Ruby's define_method? -

-
What is a Python equivalent for Ruby's define_method , which is the dynamic generation of class methods will allow? (As can be seen in Wikipedia) Functions are first-class objects in Python and assign them The properties of a class or an example can be a way of doing the same thing as a Wikipedia example: colors = {"black": "000", "red": "F00", "green": "0f0", "yellow": "ff0", "blue": "00f", "magenta": "fff", "cyan": "0ff", "white": " FFF "} Class MyStream (ARR): Pass for Name, Code in colors.iteritems (): def _in_colour ( W code = code): return '& lt; Span style = "color:% s" & gt;% s & lt; / Span & gt; ' % (Code, self) setter (histrive, "in_" + name, _in_ color)
Read more