What is the best way to make authorization in a mobile application?

E

evilelf2016-04-07 15:38:38

Yii

evilelf, 2016-04-07 15:38:38

Hello.
You need to make authorization in the mobile application through the server of your own site.
What is the best way to do this?
Where to store the password hash and in what form?
Application on android.
Site on yii1.1.17
Thank you all.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

K

Kanye West, 2016-05-03
@Sneidi

I'll add to @dewil's answer .
I'll tell you briefly using simple examples, and you'll add it yourself.
1. Make a php script on the server that will receive a login and password via GET or POST and access the users table.
Something like this:

...
$login = $_GET['login'];
$pass= $_GET['pass'];

if(isset($login) && isset($pass)) {

$request = "SELECT * FROM `Users` WHERE login='$login' and password='$pass'";
$result = mysql_query($request);
if (!$result) {
   ...
} 
}
...

Скрипт будет возвращать либо положительный, либо отрицательный response

2. Make a LoginActivity, create a layout where there will be two EditTexts for entering a login and password. On click, send data to your script and parse the response. If authorization passed, keep some flag in SharedPreferences that the user is authorized. 3. When you click on "Exit", clear the flag in
SharedPreferences

D

dwl is, 2016-04-14
@dewil

So do you already have a website or not?
If there is, then authorization on it is also most likely already there, just write an API through which the mobile application can log in, and give it a token. With this token, the application will request all data from the site after authorization.
Store password hashes in the database. Of course, passwords should not be stored in clear text anywhere. And the application only store the token.