[Fixed]-How to implement a first-time-only login scheme for a mobile web application implemented with jQuery Mobile, PhoneGap, and Django?

4👍

✅

I would advise against storing in HTML5 local/web storage. If you are targeting iOS PhoneGap, I would recommend using the Keychain Plugin:
http://blogs.nitobi.com/shazron/2010/11/06/ios-keychain-plugin-for-phonegap/

👤Shazron

4👍

Although you’re not going with Sencha Touch, there’s a pretty good overview of the issues at HTTP Authentication.

As for storing the authentication information after an initial login, you could try local storage or a cookie (though you might need to use PhoneGap to enable cookie storage). HTML5 also provides key-value local client storage. If authentication cookies work I believe this could be handled automatically for you; otherwise you could implement a document.ready authentication check within an Ajax call using authentication data from local storage (or encrypted storage).

👤A Lee

4👍

The KeyChain solution would work only on iOS devices, so if that’s your only target you are fine.

But what about the others? Kind of a waste using PhoneGap but then deploying only to one framework…

I know localStorage is not secure, but if you are aware of the limitations there are ways to make it a bit less “obvious”.

Here’s the jQuery.handleStorage plugin which also handles AES encryption… You could have a look at the source and implement only the parts you need (in case you don’t want to use the whole plugin, which also supports desktop browsers!).

PS: I am not affiliated in any way with that plugin or the author.

👤Leon

1👍

This was one of the burning questions I had when I started mobile development with PhoneGap. Let me explain what I do to get through.

When the user tries to log in, he/she enters the username and password, which will be sent via a web service call to the server side. If the authentication is successful, issue a token to the user and save it at the server side for future communication. The user will receive the token and it will be saved in local storage or whatever mechanism you prefer.

Now for future communication use the token; the token will be passed with every web service call to the server side, where the server will check whether the token is a valid token issued by the server. You can invalidate the token every 72 hours or 48 hours as per your requirement (or not expire it). Once the token is invalidated you will have to log in and get a new token.

Hope this solves your problem.

👤Techie
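
A sketch of the server side of the token scheme described in the answer above, added here as an example; it is not code from the answer or from Django. `TokenStore` and its method names are hypothetical, the in-memory dict stands in for a database table, and keeping only a SHA-256 digest of each token on the server is an addition beyond what the answer states.

```python
import hashlib
import secrets
import time

TOKEN_TTL_SECONDS = 72 * 3600  # the answer suggests 72 or 48 hours


class TokenStore:
    """In-memory stand-in for a server-side token table (hypothetical)."""

    def __init__(self, ttl=TOKEN_TTL_SECONDS, clock=time.time):
        self._ttl = ttl
        self._clock = clock  # injectable so expiry can be tested
        self._tokens = {}    # sha256(token) -> (username, expires_at)

    @staticmethod
    def _digest(token):
        # Only the digest is stored, so a leaked table does not
        # hand out tokens that can be replayed as-is.
        return hashlib.sha256(token.encode("utf-8")).hexdigest()

    def issue(self, username):
        """Call only after the username/password check has succeeded."""
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        expires_at = self._clock() + self._ttl
        self._tokens[self._digest(token)] = (username, expires_at)
        return token  # sent to the client once, over HTTPS

    def authenticate(self, token):
        """Return the username for a valid token, otherwise None."""
        if not isinstance(token, str) or not token:
            return None
        key = self._digest(token)
        record = self._tokens.get(key)
        if record is None:
            return None  # never issued, or already revoked
        username, expires_at = record
        if self._clock() >= expires_at:
            del self._tokens[key]  # expired: client must log in again
            return None
        return username

    def revoke(self, token):
        """Logout, or a lost device: drop the token before it expires."""
        self._tokens.pop(self._digest(token), None)
```

Each web service call would pass the token from the request to `authenticate()` and reject the request when it returns `None`.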

-1👍

Try HTTP Authentication with HTML Forms and see if it helps.

👤Frantz Romain

-1👍

It says to include a PHP file into the HTML file, but I’m not sure if PhoneGap works with PHP. I just started using PhoneGap this weekend.

👤Frantz Romain
