How to extend the Zend Framework RESTful authentication application?

I have a Zend Framework application that I am trying to configure, so I can use the iPhone application. Everything in my ZF application requires that you log in first.

In the browser, you go to myapp.com/auth/login and get a login form. When you authenticate successfully, a cookie is set to remember that you are logged in (I think this works). It also redirects you to the home page and displays HTML.

Ideally, my iPhone application will authenticate (somehow) against my ZF application and get a JSON response. It can then make future authenticated requests. So far, my iPhone application sets up the login credentials as POST data and goes to the login page, and the ZF application returns the HTML page of the home page (or the page with the verification error).

I am looking for answers to "best practices." Perhaps I am asking the wrong question. Maybe I don’t need to think about “RESTful authentication”. What is the best approach to configure my Zend Framework application to allow my iPhone application to authenticate and make requests?

1 answer

Perhaps you could implement two-way OAuth authentication between your iPhone application and your ZF application.

Here you can see additional information:

http://hueniverse.com/2008/10/beginners-guide-to-oauth-part-iii-security-architecture/

http://oauth.net/

In addition, there is always an alternative to manually passing cookie values back to the server. That should be enough:

  • Get POST response headers
  • Extract the cookies from the header and save them somewhere.
  • When you make a secondary request to the server, you manually add the cookie headers.

I think that should do it.


Source: https://habr.com/ru/post/1761582/
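
The three cookie steps listed in the answer, as an added example that is not part of the original post. Python stands in for the iPhone client logic here; the `SessionCookieStore` class is hypothetical, and the `PHPSESSID` cookie name and all header values are constructed sample data. The store only replays a cookie to the host that set it and keeps `Secure` cookies off plain http.

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit


class SessionCookieStore:
    """Hypothetical helper: keep login cookies, replay them on later requests."""

    def __init__(self):
        self._cookies = {}  # (host, name) -> {"value", "secure", "path"}

    def save_from_response(self, login_url, set_cookie_headers):
        """Steps 1-2: parse every Set-Cookie header of the login POST response."""
        host = urlsplit(login_url).hostname
        for raw in set_cookie_headers:
            jar = SimpleCookie()
            jar.load(raw)
            for name, morsel in jar.items():
                self._cookies[(host, name)] = {
                    "value": morsel.value,
                    "secure": bool(morsel["secure"]),
                    "path": morsel["path"] or "/",
                }

    def cookie_header_for(self, url):
        """Step 3: build the Cookie header value for a follow-up request."""
        parts = urlsplit(url)
        pairs = []
        for (host, name), c in sorted(self._cookies.items()):
            if host != parts.hostname:
                continue  # never send the session to a different host
            if c["secure"] and parts.scheme != "https":
                continue  # Secure cookies stay off plain http
            if not (parts.path or "/").startswith(c["path"]):
                continue  # simplified prefix match on the cookie path
            pairs.append(f"{name}={c['value']}")
        return "; ".join(pairs) or None


# Constructed sample: headers a PHP session-based login might return.
LOGIN_URL = "https://myapp.com/auth/login"
SAMPLE_SET_COOKIE = [
    "PHPSESSID=0123456789abcdef; path=/; Secure; HttpOnly",
    "lang=en; path=/",
]

store = SessionCookieStore()
store.save_from_response(LOGIN_URL, SAMPLE_SET_COOKIE)
print(store.cookie_header_for("https://myapp.com/api/items"))
print(store.cookie_header_for("http://myapp.com/api/items"))
```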