News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

External auth token

Started by xpLosIve., August 28, 2015, 11:59:52 AM

Previous topic - Next topic

xpLosIve.

Hello,

I'm currently working on an iOS app for my website. The comments are linked to an SMF forum. So I'm trying to integrate a secured login with a private token.

User type his login/password in a form, I send a request to the API, I get a response with a token if the login succeeded and I store this token (so I don't store user credentials).

And then, with this token I can send request to add a message on a certain topic.

Is this possible to do with SMF?

Oldiesmann

Really all you need is their user ID. Then you just supply all the relevant info to the createPost function in Sources/Subs-Post.php to add a post to a topic (regardless of whether the user is logged in at the time).
Michael Eshom
Christian Metal Fans

Kindred

ummmm... Oldies --  maybe I missed something, but the OP was talking about logins - not posting.

Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

xpLosIve.

Need both in fact.

I need : User type his credentials in a form, the app valid them via a POST request to the server, the server responds with a unique token if the credentials are good, I store this token and then I can use this token to post message.

I don't think using the userID to post message is really secured :D

xpLosIve.


Kindred

is your other script a php script and/or does it store information in the mySQL database?
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

xpLosIve.

Quote from: Kindred on September 04, 2015, 03:00:40 PM
is your other script a php script and/or does it store information in the mySQL database?
It's an iPhone app. So I need to communicate with the server via HTTP (with a POST request for example).

Kindred

Ugh,  I can not help you at all then...  whatever you do will not be secure, from what I can see. Smf needs a password and there does not seem to be a way for you to securely pass it.
Слaва
Украинi

Please do not PM, IM or Email me with support questions.  You will get better and faster responses in the support boards.  Thank you.

"Loki is not evil, although he is certainly not a force for good. Loki is... complicated."

Advertisement: