CodeDump
zappee zappee - 8 months ago 58
Java Question

RESTful webservice with auth for mobile application

I have developed many stateless RESTful webservices for a mobile application in Java and they are working very well.

For example:



Now, I have to extend these services because I have to send different data back to the mobile for every user. So I need to know on the server side which user try to get or set information. And I have to prevent the serve of unauthorized users.

There are two different way how user can login into the mobile application:


  1. log in with facebook account

  2. log in with an application account



I need to develop two login and a logout services because the users who use the mobile application have to login into the application.

I read lots of article about auth and RESTful and OAuth.
I think I have to develop two login services with two imput parameters: username and password.

For example:


  • localLogin(String username, String password) -> token

  • facebookLogin(String username, String password) -> token



These logon services have to generate a same token and send it back to the mobile application in the http header. And after the login process the mobile client has a token. And the client has to send this token to the server when it makes a RESTful server call.

What do you think? Is my idea good?

If it is, could you help me how can I start to develop this in Java?

If it is not, could you tell me the good way?

divyanshm divyanshm
Answer Source

You do not need 2 log in procedures. Just use the Facebook SDK!!

i) In your app would be a login with facebook button.

ii) User clicks on it and is then redirected to the facebook login page, where the user enters his credentials and facebook returns a token to you. You do not have to worry about the user's facebook credentials or storing them anywhere! Facebook will handle that for you. Consider the FB login part as black box to your app - you simply make a FB SDK's login call and it will do some processes and give back a access token to your app.

iii) Now, you can exchange the access token for the user's profile information. Enter this profile info to your database - that will ensure authenticated call.

Once you have verified that the user is logged on you can do whatever you want.

Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download

Sign up

Sign up with GitHub
Latest added
Olympus DVR recording date and time extractor
multitouchtest.html
metatype_loop_question
example_loop
-1 down vote favorite I have a listing page (call it a page to list the draft blogs or unpublished blogs). When I click a blog item from the draft, it shows the details on read-only format It provides four functionalities - Close, Edit, Delete, Publish. I have completed Close by calling {% url 'blog:drafts' %}, Edit by calling a class derived from UpdateView and delete by calling a class derived from DeleteView. However, I am stuck at publish since there is no view present to create a class based view and get it done. Other option was to define a function and then invoke that function in urls.py I run into issues when I try this I keep receiving error saying that the function that I invoked is not a valid view I am stuck at this error message for days. Is there any alternate ways to write a "publish" function inside the DetailView class and then invoke that function for the active object from the html template?
HS110 Python
......
alert
Create and Schedule Cron Jobs Easily with Laravel
Installing Laravel on Cloudways Laravel hosting
Rotating panels
http://aurvu.com
http://so4m6.com
FNISaa2 Papyrus
GenerateFNISUsers
FNIScommon1
FNISaa1
woocommmercerestapi.php
fsagsas
test for the future