Thank you Laurence! So from what I understand I don't actually need to set my own headers; is this correct? After all, cookies are just headers, yes? I can simply use Pyramid's built-in AuthTktAuthenticationPolicy and access/set the cookies from the client side through NSURLConnection (or the equivalent subclass in AFNetworking 2.0).
Best, Andrew On Monday, April 20, 2015 at 5:00:20 PM UTC-7, Laurence Rowe wrote: > > I'd recommend using cookie management on the connection level. According > to > http://stackoverflow.com/questions/2053568/managing-http-cookies-on-iphone > "NSURLConnection > <http://developer.apple.com/Mac/library/documentation/Cocoa/Reference/Foundation/Classes/NSURLConnection_Class/Reference/Reference.html#//apple_ref/occ/cl/NSURLConnection> > gives > you cookie management for free." > > To manage it yourself using headers you could subclass the > AuthTktAUthenticationPolicy and override the ``remember`` and ``forget`` > methods to set headers instead of cookies. > https://github.com/Pylons/pyramid/blob/1.6a1/pyramid/authentication.py#L654 > > Laurence > > On Monday, 20 April 2015 10:16:11 UTC-7, Andrew Burnett wrote: >> >> I am writing a mobile iOS application, which communicates with a Pyramid >> app on the backend. I am currently using Pyramid's built-in >> AuthTktAuthenticationPolicy. >> >> I've met some speed bumps while attempting to authenticate via a mobile >> client (iPhone). For starters, how would I send and retrieve the auth_tkt >> cookie that is set by Pyramid. >> >> I understand how this works with a web browser, but, if I want to send >> this "auth_tkt cookie" in the HTTP response, how can I accomplish this? How >> do I actually get the auth_tkt secret string. For example, what if I'd like >> to return it in the JSON body or a custom header of my choosing rather than >> as the cookie set by Pyramid's remember function? >> >> Secondly, in future requests sent by the client what header do I set with >> the auth_tkt secret string so that Pyramid recognizes it and appropriately >> authenticates the client? >> > -- You received this message because you are subscribed to the Google Groups "pylons-discuss" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/pylons-discuss. For more options, visit https://groups.google.com/d/optout.
