search

thoughtbot / ios-on-rails

A guide to building a Rails API and iOS app
Other
76 stars 6 forks source link

consistency between ios and ruby code #46

Closed dgdosen closed 10 years ago

dgdosen commented 10 years ago

FYI - I know work is still in progress - but in the code - the ruby code infers that a user token will get passed into it from the client... while the iOS code infers the user token will get generated by the server...

which is it?

jessieay commented 10 years ago

As far as I remember, we are just using a code that is generated on the iOS side. The reason for this is that only the device knows who is accessing it. Without username/password, the Rails app has no way of knowing which use is which without iOS telling us. So the device sends us a token, which we store and associate with a user.

That being said, I am starting to think that we will add a more complicated authentication setup in the book before V1, because that seems to be a common suggestion.

Thoughts, @dazmuda ?

dazmuda commented 10 years ago

Currently, we're generating the user token on the iOS side. It's a random UUID that is saved to the user's keychain and sent up with every request. What we're calling a "user token" for now is really just a user ID.

Ideally, this ID would be generated by the rails application. Doubly ideally, this ID will be replaced by an auth token and new user ID once we've integrated authentication.

Adding authentication is definitely my most desired addition to the app.