so I got my iPhone app to use the keyChain and store my password.
KeychainItemWrapper *kc = [[KeychainItemWrapper alloc] initWithIdentifier:#"Password"];
[kc SetObject:#"My_Password" forKey:(id)kSecAttrAccessGroup];
[kc release];
This saves my password correctly.
I tried to pass a string (username) instead of (id)kSecAttrAccessGroup to relate the password to a specific username, but It crashes.
QUESTION: How can i relate the stored password to a username, because my app allows multipple user to login.
I know it's not really an answer to your quesiton. But I use SFHFKeychainUtils(Github).
It's also a wrapper and it allows you exactly what you are looking for. Store a password associated to a username. Here's some code how I did it with SFHFKeychainUtils.
NSString *username = #"Username";
NSString *password = #"Password";
[SFHFKeychainUtils storeUsername:username andPassword:password forServiceName:#"Your App" updateExisting:YES error:NULL];
Or pass an pointer to a NSError object if you want any error information. ;-)
I hope my answer will help you...
Sandro Meier
Related
I want to store username and password in a session , if a user login successfully then he will be directed to the welcome screen where a logout button is exist.
now if user close the application without log out the account and restart the app the he must be directed to the welcome screen skipping the login screen. and if user restart the app after logout then he must enter the username and password to come on welcome screen. help me out. i am new to iphone.
you may store the username and password in User Defaults or in Keychain (if want to keep it secure ). So on loading the app if you find username and password stored in Userdefaults , you may directly login to welcome screen and if not stored then show the login screen...
see this is the same as you want help with iphone session login
you can store whole array in the Userdefault, UserDefault is a one type of session in the iPhone...
here you can store any value or array in the UserDefaul..
In AppDelegate.h file just declare variable...
NSUserDefaults *userDefaults;
here it not compulsory to global declare this userDefault, you can direct use the userdefault where you want
after...
In AppDelegate.m Fille in applicationDidFinishLonching: Method or anywhere which you want to store username and pssword
userDefaults = [NSUserDefaults standardUserDefaults];
[userDefault setObject:yourName forKey:#"UserName"];
[userDefault setObject:yourPassword forKey:#"Password"];
[userDefault synchronize];
after that when you want get data from this UserDefaults Use Bellow Code...
NSString *userName = [[NSUserDefaults standardUserDefaults] valueForKey:#"UserName"];
NSString *password = [[NSUserDefaults standardUserDefaults] valueForKey:#"Password"];
i hope this helpful to you...
:)
I've stored my credentials in the KeyChain in the Login.m class
[SFHFKeyChainUtils storeUsername:self.usernameField.text andPassword:self.passwordField.text forServiceName:#"myApp" updateExisting:TRUE error:&error];
Now when i delete from memory my app from my iPhone and start it again, if the user has logged in before, i want the login screen to be skipped and next screen to be shown.
Now my question is, how to do that in AppDelegate.m class. I want to access the current user's credentials and if they are filled with data, login screen to be skipped.
[SFHFKeyChainUtils getPasswordForUsername:??? andServiceName:#"myApp" error:&error];
I know that this is the way if getting the password for a given username, but the problem is that i dont have the access to the username in the AppDelegate class.
Can someone help me?
Thank you :)
I've found a solution using NSUserDefaults, storing username and password for later use, but on several posts i've read that using SFHFKeyChainUtils is more secure than NSUserDefaults.
I have an app in the App Store that uses geofences to post updates to our local API. To date, this has been a smashing success. A couple months ago I installed Flurry to get some insight into customer usage and any unhandled exceptions out there. What I started getting back were some errors pertaining to the saved token we use to authenticate the user id.
This token is an MD5 salted hash of the username and password. No issues here, we use it for everything in the app. I store it in the NSUserDefaults and retrieve it before every API call. As we started narrowing down our search for the culprit, it is showing that we are sending a token that doesn't exist anywhere on our servers. When the user trips a geofence, it updates their status automatically, but a very small percent has been failing in the background causing some customer concerns.
Sorry for the long precursor, on to the question. What would cause my value in NSUserDefaults to get loaded to an NSString differently from one time to the next? I have tested the logic, it will update me 3 times in a row when I show up for work, but the 4th, I'll get a token failure error back from the server. There is no rhyme or reason to why it fails. Our server is logging these failed tokens and we can't match them up to anything.
So if anyone has any insight on this matter, I would very much appreciate it. Could it be messing up when I store it to NSString? Could it be some inconsistencies with my POST method? It might even be on our server, I dunno. I'm hoping everyone on SO can lend a hand and help me get some new insight. Thanks in advance.
//Loading the token... done this way for EVERY API call
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
NSString *token = [defaults objectForKey:#"token"];
Code taken from my API class
//My POST method for updating our API
NSString *requestData = [NSString stringWithFormat:#"?auth_token=%#", token];
NSData *myRequestData = [NSData dataWithBytes: [requestData UTF8String] length: [requestData length]];
NSMutableURLRequest *request = [[NSMutableURLRequest alloc] initWithURL: [NSURL URLWithString:[NSString stringWithFormat:#"%#/api/user.json%#", webAddress, requestData]]];
[request setHTTPMethod: #"POST"];
[request setHTTPBody: myRequestData];
NSData *jsonData = [NSURLConnection sendSynchronousRequest: request returningResponse: nil error: nil];
NSString *json = [[NSString alloc] initWithData:jsonData encoding:NSUTF8StringEncoding];
NSDictionary *payloadData = [json JSONValue];
if([[payloadData objectForKey:#"success"] boolValue]) {
// if i get here, successful update
} else {
// update unsuccessful, error message returned... bad token
}
Are you using any 3rd party libraries? "token" is a very common string, I would change it to something else. It's possible some other code is stomping on your token with their token.
I don't want this question to linger out there and waste anyone's time or energy. After some recent testing, I don't believe my issue is with the user defaults or the saved token. There are already answers out there, so I can't delete the question. So I'll just leave a small answer here and close it out.
I ended up moving all the login credentials to the iOS keychain. I salt and hash the email and password each time I need an API token. It creates a little more overhead for each API, but knowing my users' credentials are safe and secure is probably worth it. I still have my issue, but I think I'm getting closer to nailing it down. Thank you to anyone that has looked at my question.
I am creating an app for Facebook and twitter integration using sharekit. That works fine. But now I want to retrieve the username and password for facebook login. I followed this link.
But I am not able to retrieve these..
I can't understand how can use that method and where can i use to retrieve username and password
Can you please guide me if you know.
First of all, you can't retrieve a user's Facebook password. Hopefully the reasons for this are obvious.
You can, however, retrieve the access token that your app is granted once you connect your app to a user's Facebook account using ShareKit.
As of this writing, I don't believe ShareKit makes the access token accessible directly, but there's an easy hack to retrieve it.
Step 1: Ensure that you're app is authorized to connect to Facebook
BOOL isConnected = [SHKFacebook isServiceAuthorized];
If you get isConnected == NO here, your UI should indicate that the user needs to connect to Facebook to use your sharing features.
Step 2: Get the access token in order to access the user's Facebook data
Assuming you got isConnected == YES in step 1
// Hack into ShareKit's user defaults
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
NSString *accessToken = [defaults valueForKey:#"kSHKFacebookAccessToken"];
Step 3: Bypass ShareKit and make a custom query to the Facebook SDK
Assuming a property in your class such as this one...
// Change "strong" to "retain" if not using ARC
#property (nonatomic, strong) SHKFacebook *shkFb;
...you can start a Facebook query with something like this...
if ( !fb ) {
// This is how SHKFacebook instantiates a Facebook object. YMMV.
self.fb = [[Facebook alloc] initWithAppId:SHKCONFIG(facebookAppId)];
}
NSMutableDictionary *fbParams = [NSMutableDictionary dictionaryWithObjectsAndKeys:
#"name", #"fields",
accessToken, #"access_token",
nil];
[fb requestWithGraphPath:#"me" andParams:fbParams andDelegate:self];
Step 4: Implement the Facebook delegate methods
Once the Facebook query's done, it'll notify your object, at which point you can do fancy things such as display the user's name to make it clear whose wall will get posts sent from your app.
You'll need to declare the FBRequestDelegate protocol in your .h, of course:
#import "Facebook.h"
#interface YourClass : NSObject <FBRequestDelegate>
And you'll need to implement (minimally) the success and failure methods from FBRequestDelegate:
#pragma mark - FBRequestDelegate
- (void)request:(FBRequest *)request didLoad:(id)result {
// Additional keys available in "result" can be found here:
// https://developers.facebook.com/docs/reference/api/user/
NSString *username = [result objectForKey:#"name"];
// Localize if you're at all interested in the global app market!
NSString *localizedString = NSLocalizedString(#"connected as %#",
#"Connection status label");
// The label will read "connected as <username>"
self.statusLabel.text = [NSString stringWithFormat:localizedString, username];
}
- (void)request:(FBRequest *)request didFailWithError:(NSError *)error {
// Handle failure
// (In our app, we call [SHKFacebook logout]
// and display an error message to the user with
// an option to retry connecting to Facebook.)
}
I believe clozach's answer is for an older version of ShareKit. In the most recent (as of Jan 30 2012) the method of acquiring the Facebook Access Token provided fails with accessToken always being nil.
// Hack into ShareKit's user defaults
NSUserDefaults *defaults = [NSUserDefaults standardUserDefaults];
NSString *accessToken = [defaults valueForKey:#"kSHKFacebookAccessToken"];
Instead, using
NSString *accessToken = [[FBSession activeSession] accessToken];
works for me.
ShareKit uses FBConnect internally for authentication. So the values can't be retrieved using the same method as you would for Twitter. FBConnect uses a UIWebView view to connect to the server while authenticating. After authentication, the app will store a token which can be reused to publish the text until the user discards the token on Facebook.
So, the answer is no. You can't get that data.
Hey, I am using facebook connect sdk for iPhone, every time I start my app and click login, there would be a login screen asking me to input my name and password.
Is there any way to keep me logged in once I input my name and password, that's to say, I needn't to input my name and password again the next time I start my app?
According to the Platform Guidelines 1.3, you are not allowed to store a Facebook user's credentials. The best you can hope for is that your user checks the "Keep me logged in" option. She should be able to post without having to login any time soon, even if she restarts your app.
The following snippet works with the above scenario:
NSString *fbAPIKey = ...;
NSString *fbApplicationSecret = ...;
_session = [[FBSession sessionForApplication:fbAPIKey secret:fbApplicationSecret delegate:self] retain];
// checks whether session can be resumed - whether login is required
if (![_session resume]) {
FBLoginDialog *loginDialog = [[[FBLoginDialog alloc] initWithSession:_session] autorelease];
[loginDialog show];
}
Store the password (or the requisite hash of it) somewhere.
You need to use the keychain. Have a look to this article: http://log.scifihifi.com/post/55837387/simple-iphone-keychain-code