timozattol / project-radin

Project Radin is an expense management Android application that was built during EPFL's Software Engineering 2014 course.

Discuss authentication method #45

Closed CedricCook closed 9 years ago

CedricCook commented 9 years ago

Leave your comments here to discuss what authentication method we will use:

radubanabic commented 9 years ago

Did you discuss this internally? It would be good if somebody is assigned to the issues; that person can lead the discussion and make sure the issue is not forgotten.

ireneu commented 9 years ago

This is an important issue, since it will define how the mobile app and the server write their HTTP messages and how users will be identified by the server.

Does anybody have experience in this matter?

radubanabic commented 9 years ago

OAuth2 would allow you to support a variety of accounts. You can also just stick to Google accounts for now, if they're easy to integrate (and I assume they are). I strongly discourage implementing your own authentication, as it's very easy to get it wrong.

timozattol commented 9 years ago

I also don't think we should implement our own authentication, because of the lack of time and also security-wise, despite the fact that this is, from my point of view, one of the most interesting parts of the project.