Need to authenticate users from app to server - eclipse

I'm creating an app both for android and IOS, the first time the user starts the app he'll be presented with a login screen, the server with all the credentials is already up so I just need to send through POST method username and password and check the server response (success or failure), then If the username and password are correct I was thinking about saving them in the NSUserDefaults and everytime the user opens the app I won't show them the login screen again but as a background task the app will retrieve the credentials from the NSUserDefaults and send them again to the server (It may return failure if the user has been eliminated or has changed his password), I just wanted to know: is this the right approach to this problem?

Related

How to get gmail logged in user detail using GIDSignIn after app restart in Swift iOS

I have integrated GIDSignIn in iOS swift project. I am able to login and get user detail like email using.
GIDSignIn.sharedInstance()?.currentUser?.profile.email
But when I kill and restart app GIDSignIn.sharedInstance()?.currentUser become nil. And I need to sign in silently in app to get the currentUser detail.
Is there any way to get email address of logged in user when app restart without silent sign in?

Auto log out from devices

I have a RestAPI which will hit to authenticate the user. This api is to android they hit this api to allow user to login to our app
My requirement is this.1) If user has cell phone say xyz phone with IMEI "xyzz1234". Now if he tries to log in from his 2nd phone than he should not be allowed to login from 2nd phone. He should log out automatically from abc device.
As i am using ionicv1 framework for mobile applications.
You can update the deviceID in your database once the user Sign in on another device.
In your signIN API, validate your deviceID.
For the case of login state saved in your app, you can hit an API at your dashboard on startup which can make the person logout.
This could be one possible approach :)

Handling iCloud user changes

I am wondering what the best way is to detect a changed iCloud user account when the the app was force quit by the user.
When the app is in the background and the user changes their iCloud account, a notification 'CKAccountChanged' is sent by the time the app enters the foreground so it can be handled. OK.
BUT what if the app was force quit by the user?
My approach is to store the user token locally. At the next app launch, the user token is retrieved and checked against the locally saved one.
Is there a "nicer" way?

iPhone app token session with the backend

I'm creating an iPhone app with a ROR 3 backend. I'm just wondering about the best practices with regards to user sessions and session tokens. I would like to design the app such that after an initial registration, the user is always logged in. Is this best done by saving the username and password in NSUserDefaults and automatically logging in behind the scenes when the app launches and using the generated token (stored in the delegate?) for all the operations.. and then basically every time the app launches, a new token is generated.
Or, upon the initial registration, save the token in NSUserDefaults and use that token with every launch?
Thank you and best regards!

Application session in iOS?

I need to create a "login application" but I don't know about session in iOS. My application need login to my website (PHP based website) to get data. Can anybody tell me how to create and manage application session in iOS app? Thanks!
There's no concept of web/browser session (whatever that means to you) in iOS. iOS applications are just launched when a user touches the icon, and are quit when the user quit them.
Typically you require the user to input the login id and the password when the app is launched, and you create a web/server/browser session by accessing the web server. You can keep the id and the password securely inside in the storage of the iPhone, so that the user doesn't need to input them again and again whenever the program is launched.