On 31 May 2011, at 12:35, Ivo Brodien wrote: > What is the correct way to do the following: > > 1) Mobile App from which a user can create a user/profile on the Django site > 2) Allow authenticated users to create on the site and query personalized > data from the site > > This is what I guess I have to do: > > 1) Create a REST API (probably with e.g. django-piston) on at the Django > site for creation and authentication > There's no one correct way, but that way will work well. I've done something similar in the past and had mobile clients working across pretty much all phone platforms.
> How would I authenticate against the Django site? Your choices are either to use username/passwords or OAuth. If you're using username/passwords you can hook straight into the standard Django authentication - just have your code do a POST to /admin/login with username/password. That's not massively secure, so you might want to consider doing it over SSL. > When I use URL connections from the mobile app do I always have to send the > credentials or can the Django site identify me by storing session cookies on > the client just like as if the mobile app would be a browser? > You can use session cookies just as on the desktop - the iPhone NSURLRequest will handle cookies for you. This is true on most platforms, the only place I've found where it doesn't work consistently is on Flash. Of course if you choose to do OAuth then you simply sign each authenticated request. This works really well if you want to do some authenticated and some unauthenticated requests. Malcolm -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
