I have developed many stateless RESTful webservices for a mobile
application in Java and they are working very well.
*For example:*
- h t t p://.../api/coupon
- h t t p://.../api/coupon/{id}
- ...
Now, I have to extend these services because I have to send different data
back to the mobile for every user. So I need to know on the server side
which user try to get or set information. And I have to prevent the serve
of unauthorized users.
*There are two different way how user can login into the mobile
application: *
1. log in with facebook account
2. log in with an application account
I need to develop two login and a logout services because the users who use
the mobile application have to login into the application.
I read lots of article about auth and RESTful and OAuth.
I think I have to develop two login services with two imput parameters:
username and password.
*For example:*
- localLogin(String username, String password) -> token
- facebookLogin(String username, String password) -> token
These logon services have to generate a same token and send it back to the
mobile application in the http header. And after the login process the
mobile client has a token. And the client has to send this token to the
server when it makes a RESTful server call.
What do you think? Is my idea good?
If it is, could you help me how can I start to develop this in Java?
If it is not, could you tell me the good way?
Thank you.
--
--
You received this message because you are subscribed to the Google
Groups "Android Developers" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/android-developers?hl=en
---
You received this message because you are subscribed to the Google Groups
"Android Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
