Thank you, guys. :) I think I should try to implement one, when I am free. Do you know any opensource for iphone oauth login as well as android?
I am actually passing login credentials to web2py from android app via given web2py lib. On Feb 11, 2013 11:29 AM, "howesc" <how...@umich.edu> wrote: > Thanks Alec, that will be a nice contribution. > > re my "special odd pain in the rear-end" login flow.....well we (the > engineers) failed to sell that to the business. users can make purchases > via apple without a proper logged in account, and we need to track those on > the server. hence the anonymous user. it would be really nice if apple > shared with us the itunes user ID on app launch, but they don't because > they believe that violates the user's privacy (and i kinda agree on that > point). So i'm stuck with an overly complex login flow. :( > > cfh > > On Sunday, February 10, 2013 9:55:35 PM UTC-8, Alec Taylor wrote: >> >> Not to worry, I'm releasing a generalised open-source OAuth2 Library for >> web2py. >> >> As for your current mechanism of anonymous tokens… how about just >> storing a cookie (or some other client-side storage) and when the user >> logs-in or registers all their customisations (e.g.: if e-commerce, >> their cart) will be sent securely to the server on receipt of >> successful authentication. >> >> That would be a much cleaner, more secure, streamlined and >> self-contained model than your current one. >> >> On Sun, Feb 10, 2013 at 9:33 AM, howesc <how...@umich.edu> wrote: >> > - Apple explicitly does not allow using the hardware identifier in >> your >> > app, and will reject app submission that do that. because of this each >> app >> > install "logs in" first as an anonymous user. >> > - website users use standard web2py auth >> > - app connections to the server use our modified OAuth API >> implementation. >> > this forgoes web2py auth, but reads and writes to the same user table >> that >> > web2py auth uses. this allows the 2 different systems to connect. >> > - the mobile apps are native code on their respective platforms, the >> > website is html. >> > >> > unfortunately our modified OAuth implementation is pretty specific to >> our >> > needs and so i don't think it's a candidate for us to open source. >> i'll >> > take a look into what we are doing though to see if any of it >> can/should be >> > open sourced. >> > >> > cfh >> > >> > >> > On Saturday, February 9, 2013 11:40:50 AM UTC-8, Kenny wrote: >> >> >> >> Howesc, >> >> Thanks for great info. So, does mobile app user have to register >> web2py >> >> via access token provided by their hardware in mobile application? May >> you >> >> explain how you built the login/registration module for mobile app >> users >> >> along with web2py? >> >> Do you code in html5 with native code for developing your mobile app? >> >> >> >> Sorry for asking more than one question, this topic sounds so >> interesting! >> >> :) >> >> >> >> Thank you! >> >> >> >> On Feb 9, 2013 11:45 AM, "howesc" <how...@umich.edu> wrote: >> >>> >> >>> well what we are using is a hybrid model: >> >>> - the ios device uses a modified form of OAuth to get access tokens >> (and >> >>> we have the confusing problem of users start anonymous but with an >> access >> >>> token, and then may later create an "account" associating an email >> and other >> >>> user data with the account) >> >>> - the website uses web2py's auth to login those same users >> >>> - the APNS token (Apple Push Notification Service) is provided >> >>> optionally by the user if they opt-in to push notifications. as such >> it's >> >>> not a primary key for the user and can't be used for authentication. >> if >> >>> the user chooses to share it with us we store that in a field on our >> user >> >>> table. Note that the APNS token is device specific, so if the user >> has >> >>> multiple devices then they might have multiple tokens. >> >>> >> >>> does that clarify at all? >> >>> >> >>> cfh >> >>> >> >>> On Friday, February 8, 2013 9:46:42 PM UTC-8, Massimo Di Pierro >> wrote: >> >>>> >> >>>> I do not know how this works. Can you give us more details? >> >>>> >> >>>> On Friday, 8 February 2013 20:31:14 UTC-6, howesc wrote: >> >>>>> >> >>>>> i have millions of APNS tokens! i'd share, but they are tied to an >> >>>>> app.... >> >>>>> >> >>>>> i did not tie APNS tokesn to web2py auth, but i added fields to my >> end >> >>>>> user table, and the device uses my REST JSON API to POST the APNS >> tokens to >> >>>>> the server and update the user. we don't use the APNS token as any >> sort of >> >>>>> user identifier. >> >>>>> >> >>>>> does that help? lemme know if you are interested in more details. >> >>>>> >> >>>>> christian >> >>>>> >> >>>>> On Thursday, February 7, 2013 5:22:28 PM UTC-8, chris_g wrote: >> >>>>>> >> >>>>>> I'm looking into supporting Apple push notifications in an iPhone >> app >> >>>>>> that connects to a web2py server. >> >>>>>> In order to know which devices to push details to, web2py's auth >> >>>>>> module would presumably need to maintain "Device Tokens". >> >>>>>> I'm curious if anyone has implemented a solution that takes care >> of >> >>>>>> this. I'd like to see how it was integrated with web2py's auth. >> >>>>>> >> >>>>>> Thanks, >> >>>>>> Chris >> >>> >> >>> -- >> >>> >> >>> --- >> >>> You received this message because you are subscribed to the Google >> Groups >> >>> "web2py-users" group. >> >>> To unsubscribe from this group and stop receiving emails from it, >> send an >> >>> email to web2py+un...@googlegroups.com. >> >>> >> >>> For more options, visit >> >>> https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out>. >> >> >>> >> >>> >> > >> > -- >> > >> > --- >> > You received this message because you are subscribed to the Google >> Groups >> > "web2py-users" group. >> > To unsubscribe from this group and stop receiving emails from it, send >> an >> > email to web2py+un...@**googlegroups.com. >> > For more options, visit >> > https://groups.google.com/**groups/opt_out<https://groups.google.com/groups/opt_out>. >> >> > >> > >> > -- > > --- > You received this message because you are subscribed to the Google Groups > "web2py-users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to web2py+unsubscr...@googlegroups.com. > For more options, visit https://groups.google.com/groups/opt_out. > > > -- --- You received this message because you are subscribed to the Google Groups "web2py-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to web2py+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.
