ruby on rails - iOS / RoR - oauth2 session on server and client -
i have ios app using facebook sdk authenticate. able utilize omniauth, devise, , omniauth-facebook-access-token (via afnetworking) create user on server facebook account.
now need ios app's user able "have session" on ror server - passing info in headers or url each request authenticated or utilize cookie. when app makes api requests (json usually), need requests in context of user has been authenticated.
what best practice having authenticated ror user on ios app in situation?
some options come mind:
maintain cookie on client send piece of info each api request in header or somewhere else (access_token? user_id?)my concern want able add together additional oauth2 authentication providers without redoing code.
you need token authenticate user, should maintain sending csrf-token in order maintain app secure. take @ question, , see how csrf handeled in answer.
ios ruby-on-rails devise afnetworking omniauth
No comments:
Post a Comment