Best practices and tutorials for ios authentication [closed] - iphone

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 9 years ago.
Improve this question
What are the best practices for creating a user authentication system for an ios application? Any good tutorials or insights on the process are helpful (newbie).

Stormpath is an authentication and user management backend service aimed at developers. You manage your own collection of users, verify their logins, and assign users to groups (roles). Your app makes calls to their server.
Parse provides a Parse Social service that lets your app do user authentication through Facebook or Twitter. Parse is being acquired by Facebook (as of 2013-04), so I don't know what that means for their future.
Okta is another.
Mozilla Persona is quite promising, but may not yet be ready for the real world. There is an open-source kit for iOS named persona-ios. Read a discussion on How to use Persona in a native iOS app?.
User authentication and identity as as service seems to be a new but burgeoning field.

If you are using a third party backend the stackmob, parse etc all handle authentication. If you are rolling your own then this project looks a reasonable way to go: http://quickblox.com/developers/SimpleSample-users-ios.

Related

How to make action "What's the Geology here"? [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 2 years ago.
Improve this question
I would like to make an action where people can ask the geology at a/their location.
This would make use of GET requests from web services which are made available through the OneGeology Geoportal (http://portal.onegeology.org/OnegeologyGlobal/)
GET requests look like:
http://portal.onegeology.org/OnegeologyGlobal/proxyxml?url=https%3A//gs-seamless.geoscience.nsw.gov.au/geoserver/onegeology/ows%3FSERVICE%3DWMS%26SERVICE%3DWMS%26VERSION%3D1.3.0%26REQUEST%3DGetFeatureInfo%26FORMAT%3Dimage%252Fpng%26TRANSPARENT%3Dtrue%26QUERY_LAYERS%3Dau_nsw_25k_geounits%26LAYERS%3Dau_nsw_25k_geounits%26INFO_FORMAT%3Dtext%252Fhtml%26I%3D50%26J%3D50%26CRS%3DEPSG%253A4326%26STYLES%3D%26WIDTH%3D101%26HEIGHT%3D101%26BBOX%3D-33.689918518066406%252C150.75199127197266%252C-33.620567321777344%252C150.82134246826172&_=1587457888900
Output is
https://gs-seamless.geoscience.nsw.gov.au/geoserver/onegeology/ows?SERVICE=WMS&SERVICE=WMS&VERSION=1.3.0&REQUEST=GetFeatureInfo&FORMAT=image%2Fpng&TRANSPARENT=true&QUERY_LAYERS=au_nsw_25k_geounits&LAYERS=au_nsw_25k_geounits&INFO_FORMAT=text%2Fhtml&I=50&J=50&CRS=EPSG%3A4326&STYLES=&WIDTH=101&HEIGHT=101&BBOX=-33.689918518066406%2C150.75199127197266%2C-33.620567321777344%2C150.82134246826172
Geoserver GetFeatureInfo output
So would want GA to respond with the "unit_name" attribute = "Londonderry Clay" .
Could someone point me in the right direction to develop such a service?
Would it be simplier if I made a mobile app version of the portal first? Or do I need to make a custom action via Dialogflow from stratch? or a 3rd way?
Well, what would be easier is to work with technologies that you're already familiar with.
Are you familiar with mobile programming? Go that route, although it will be more difficult to integrate voice for other Assistant platforms later.
Understand web programming more and you're used to building back-end services? Building a fulfillment webhook that makes this call from parameters from Dialogflow might be easier.
If you want to learn how this is typically done, and not necessarily go with what's easiest for you, you'll want to go the latter route. This involves
Designing the conversation
Building this conversation in Dialogflow
The specific procedures involved to get user information including specific location
Building a webhook running on a server to process the user input, including their location, making the call to the API, and returning the response to the user

REST API Security Issues [closed]

Closed. This question needs to be more focused. It is not currently accepting answers.
Want to improve this question? Update the question so it focuses on one problem only by editing this post.
Closed 6 years ago.
Improve this question
I have an html5 webapp that fetches data using jquery from rest java api. I have two questions:
How can I encrypt data on server and decrypt it locally with different key for each user. Where can I store this key in client side? Does it needed, or it is just enough to secure the rest service call with some authentication method?
Is there any standard way to prevent other rest clients (except browsers) to hit this rest api?
use HTTPS
Use authentication so you know who is hitting it - oauth, client certificates, session token - but there's nothing you can really do to prevent anything other than a browser accessing it. You could make it harder by rapidly recycling the authentication token using javascript (but this will break in horrible ways if the user opens more than one window).

publish iphone app that requires user to register [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I created iPhone app that requires the user to register and log in before open the app.
This application has been rejected from App Store and they gave me this message:
We found that your app requires customers to register with personal
information to access non-account-based features, which is not in
compliance with the App Store Review Guidelines.
Apps cannot require user registration prior to allowing access to app
features and content that are not associated specifically to the
user. User registration that requires the sharing of personal
information must be optional or tied to account-specific
functionality. Additionally, the requested information must be
relevant to the features.
I payed all my efforts and time in this app. So, my question is: Is there is any Solution to make the App Store accept my app without changing anything in its structure ??
Thanks in Advance.
You have two options:
Make the neccessary changes to the app.
Contact Apple, and explain why your application needs the user to register, and that the application is indeed in compliance with the rules.
Option 2 works best if the application actually conforms to the rules, but depending on what the app actually does, there might be a grey area. Unfortunately the outcome of this option can also be closely correlated to communication skills - so prepare your arguments before calling or mailing Apple.

Architecture for iphone app with facebook connect [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 6 years ago.
Improve this question
I'm working on an iphone app and i would like to seek advices on what's the best architecture for it.
Basically, the app implements facebook connect for users to login. Users will be able to select their friends whom they can message/send photos to (think of whatsapp). I will have a server which i intend to use to store their sent messages and photos. Whats's the best way to separate the components? And also, should the logic that deals with sending data to my server and reading from it know anything about the facebook connect componenet?
Does anyone has any ideas on whats the best architecture for such an app?
Compartmentalizing data access is a widely accepted practice and in your case, data access is:
Connecting to FB
Connecting to your database server
Ideally your domain logic shouldn't know where it is getting data from (web service, database, FB, G+, etc). All it should know is that it is getting data, and what it should do with that data.
Some common patterns that address abstracting your data access layer from your domain layer are:
Repository
DataMapper
The above links are to Martin Fowler's blog, but some searching around google or stackoverflow should yield additional clarity:
Data Access Layer Design Patters
Microsoft Article, but relevant to any modern OOP language (even mentions ruby).

Is Facebook capable to read through MS Access database before input? [closed]

Closed. This question needs details or clarity. It is not currently accepting answers.
Want to improve this question? Add details and clarify the problem by editing this post.
Closed 8 years ago.
Improve this question
How can I set up a business facebook page that when a user enters an email it will run through the company's database and ensure they are not already there before inputting the information into the database. I would like it to display a message to the user like, "Thanks you are already registered with us". I also need it to allow the user to still have access to the page. Sorry if this seems basic, but I have spent quite a while researching this and I believe it would be putting additional code in the authentication part, but I haven't been able to figure it out. Thanks!
Jennifer
Yes - you are correct - the functionality you are looking for would require additional authentication code in the form of server-side scripts. Only in that way would you be able to authenticate your users by cross referencing username/password or email values in your company's database.
If you yourself are a programmer then I would recommend looking into PHP for the server-side scripting and a mysql database (if the database does not already exist in another form - cringe).
Both PHP and mysql are free to use and there is a large knowledge base on the internet.
Here are some links to get you started.
Don't be afraid to jump in - the water is lovely :P
Basic PHP Tutorial from Zend
Basic Mysql Tutorial from Tizag
Good luck and happy coding!