5
I am building an application that needs login, I have already created the webservice in php using Slim.
I am currently using a POST, passing a json with email and password for the webservice to return the json of the corresponding user, but I believe that is not the best way.
If you can suggest me a better way using these technologies.
Thank you.
2
Hello!
To do the check you can yes send the user credentials as you are doing(it has to be https), and as you will use on mobile, I believe it is more appropriate to work with JSON Web Tokens (JWT) for the return!
You return a token to the user, save this token and in any request that the user makes this token will be together. This way, you can validate the token on your server and continue with the action if it is valid or simply deny the token because it has already expired or invalid.
Browser other questions tagged php android web-service restful slim
You are not signed in. Login or sign up in order to post.
it is advisable at least to use an NCODE and send a string and not email and keyword as Plain text...
– balexandre
See retrofit below for the http://square.github.io/retrofitlibrary/
– Caique Oliveira
post the code so we can analyze and suggest changes.
– Ivan Ferrer
Making a match of your string before sending will not solve anything, the code will be on the client’s side, just inspect. There is no problem as long as you use the POST and a secure connection (https) to send the login data. Facebook, Twitter, etc... that use the HTTP protocol to do authentication work like this.
– Filipe Moraes
Look I think you could do this check by get which is a faster and simpler type of request, since it’s just to validate email and password, use Get. Note: Remember to encrypt the email and password before sending to the server.
– Viniam