Giridhar Giridhar - 3 months ago 12x
Java Question

how to use basic authentication in Android/IOS app with Google Cloud EndPoints(java)

I am trying to use Google End Points(Java) for my IOS App, I don't want to use Oauth2.0 as it makes users to have google account mandatorily which is bad for application. How to use basic authentication like (username & password) with Google End Points. And also after user login, how to authorise every requests basically by sharing authentication token between server and client app.


Server side pretty simple:

public class User {

     @Id private String username;
     private String password;
     /*getters setters ommited*/

@Api(name = "userapi", version = "v1", description = "userapi")
public class UserService {

         ObjectifyService.register( User.class );

     @ApiMethod(name = "create")
     public User createUser(@Named("username") String username,     
                                    @Named("password") String password){
         User user = new User();
         return user;

    @ApiMethod(name = "get")
    public User getUser(@Named("username") String username, 
                                  @Named("password") String password){
           User user = ofy().load().key(Key.create(User.class, 
           return user;

Registration request you send to createUser method, and login request to getUser. I cannot help you with client too much, as I don't know Objective C. Below Javascript client example, may be it will give you some hints:

var login = function() {
    message = {
        "username" : $scope.username,
        "password" : $scope.password


    gapi.client.userapi.get(message).execute(function(user) {
        if (!user.code && user.password) {
             //successfully logged in
            console.log('successfully  logged in');



About token there are many options. You can generate some string and return it in case of successful login to client and save it to datastore with User object. Or you can concatenate username:password and encode string with base64 and use result string as auth_token. In last case you don't need to save it to datastore.