I'm trying to make mobile app that will be using Oauth authentication for facebook and other providers as well as standard email password login.
So far I have working web application with FOSUserBudle and HWIOAuthBundle with G+ and Facebook OAuth login. And now I wan't to add rest api for mobile that can login with same way.
1) My first thought was that I will use Oauth login-check url from symfony to create session and happily communicate :) Which is not working since mobile app is not using session and also when I pass same ?code parameter from facebook and mobile to web login-check it's not working either.
2) Api keys (JWT or whatever) second solution is to pass facebook id (or other service) and secret to endpoint find user (or create user) and return api access token. This could be also done by own Oauth server but that looks for my like to much for this simple thing since there is no plan to allow api access for other services or apps.
So the real question is, is there some better way how to do it or can my first thought work on mobile app?
Aucun commentaire:
Enregistrer un commentaire