I am looking for information on how to handle logins using PhoneGap and Django. Django has a Cross-Site Request Forgery Attack Protection Token (CSRF). On a typical Django server with a typical page, the token is displayed as part of the form. This is fairly easy to handle for a website, but causes a problem with how to do this using the PhoneGap application.
I am trying to understand what a best practice strategy is, how to do it. Right now I have GET work calls, but you need to do POST work for user and pwd. Here are the strategies I'm looking at:
1) Get the full form provided by the client
2) Get the CSRF token from the AJAX call and add it as a hidden field in the form
3) Some other suggestions ... :)
I am also trying to get accurate information about how PhoneGap handles cookies, so I can use the session key. We seem to have conflicting information.
I am using PG 2.7.0 with JQ 1.9.1 and JQM 1.3.1.
Any understanding that any person will be very happy.
source share