Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
EvilDev2015-08-05 13:11:00
PHP
EvilDev, 2015-08-05 13:11:00

Cordova, how to log in to another server?

Good day.
There was a task to write a mobile client, but there was a problem with authorization. Cross-domain request to do it turned out like this:

.service('$request', function($q, $http, $ionicPopup, $localStorage) {
        return {
            post: function(r, postData, urlParams) {
                var defer = $q.defer(),
                    url = $localStorage.getObject('user').hostname + r + '?'
                        + _.values(_.mapObject(urlParams || {}, function(v,k) { return k + '=' + v; })).join('&');

                $http({
                    url: url,
                    method: "POST",
                    data: postData || {},
                    headers: {
                        'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8'
                    }
                }).then(function(result) {
                    if (!result.data.success) {
                        $ionicPopup.alert({
                            title: 'Ошибка',
                            template: result.data.error
                        });
                        defer.resolve(false);
                    }
                    else {
                        defer.resolve(result.data);
                    }
                });
...

Everything works here and in case of an incorrect password, it displays an error. If you can log in, go to the dashboard and there is an error, the next request requires authorization. I looked at the cookies, it's empty, although there should be a php session identifier. How to properly implement authorization with remembering cookies?
PS Authorization by tokens will not work.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey, 2015-08-05
Protko @Fesor

Authorization by tokens will not work.

And it will have to. Well, or shove tokens into cookies, but this makes you vulnerable to CSRF attacks, and in order to protect yourself from this, you still have to send CSRF tokens.

Similar questions
M
Maxim Timofeev2015-09-09 20:25:40
How to split a MySql table and is it worth it? 2Reply
G
gitdev2017-08-28 19:06:00
Is it possible to use the standard User model to save an update to the DB? in laravel? 2Reply
A
Ambal892017-09-05 10:37:25
How to make an interactive map in wordpress 2Reply
Y
YVW2017-09-15 17:14:25
Design of desktop programs on windows? 3Reply
S
Sergey2017-09-22 21:50:12
How to restrict user access to disks on Windows 10? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question