Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
E
E
EvilDev2015-08-05 13:11:00
PHP
EvilDev, 2015-08-05 13:11:00

Cordova, how to log in to another server?

Good day.
There was a task to write a mobile client, but there was a problem with authorization. Cross-domain request to do it turned out like this:

.service('$request', function($q, $http, $ionicPopup, $localStorage) {
        return {
            post: function(r, postData, urlParams) {
                var defer = $q.defer(),
                    url = $localStorage.getObject('user').hostname + r + '?'
                        + _.values(_.mapObject(urlParams || {}, function(v,k) { return k + '=' + v; })).join('&');

                $http({
                    url: url,
                    method: "POST",
                    data: postData || {},
                    headers: {
                        'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8'
                    }
                }).then(function(result) {
                    if (!result.data.success) {
                        $ionicPopup.alert({
                            title: 'Ошибка',
                            template: result.data.error
                        });
                        defer.resolve(false);
                    }
                    else {
                        defer.resolve(result.data);
                    }
                });
...

Everything works here and in case of an incorrect password, it displays an error. If you can log in, go to the dashboard and there is an error, the next request requires authorization. I looked at the cookies, it's empty, although there should be a php session identifier. How to properly implement authorization with remembering cookies?
PS Authorization by tokens will not work.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

1 answer(s)
Report
S
Sergey, 2015-08-05
Protko @Fesor

Authorization by tokens will not work.

And it will have to. Well, or shove tokens into cookies, but this makes you vulnerable to CSRF attacks, and in order to protect yourself from this, you still have to send CSRF tokens.

Similar questions
I
IgorPlays2021-06-16 15:24:12
How to take data from a table and assign it to a variable? 1Reply
I
Ivan Fotiev2015-10-07 17:56:26
How to transfer longitude and latitude to maps? 1Reply
S
Stas Karpik2020-04-21 17:18:46
Why is an empty string being passed to the DB instead of the user's response? 2Reply
M
Michael Compass2020-04-21 18:09:48
How to check and save multiple proxy types to txt file using curl_multi? 1Reply
A
Alyosha2018-02-12 11:16:36
How to connect ldap to php 7? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question