08-21-2017, 05:54 AM
Hi guys,
I am quite new to php development and I am trying to set up a simple backend for a an existing hybrid (mobile, webbased) application using Apache Cordova.
I customized the users account page so that a logged-in user can inspect and download datasets linked to his account.
Now I would like the mobile client to perform the same query for data linked to the user from within the app.
From here I pictured
Meanwhile I came to understand that the login request already has to provide a token in order to prevent CSRF.
Does that mean that a "programmatic login" (using a remote form and do the login via POST) is not possible with UserSpice?
If it is still possible, I would appreciate some hints to achieve this.
I am quite new to php development and I am trying to set up a simple backend for a an existing hybrid (mobile, webbased) application using Apache Cordova.
I customized the users account page so that a logged-in user can inspect and download datasets linked to his account.
Now I would like the mobile client to perform the same query for data linked to the user from within the app.
From here I pictured
- the user fills out a login form
- username and password are sent to <myUserSpiceInstance>/login.php
- the response contains a token to be persisted in the browser
- the token can be used for further requests to obtain model data
Meanwhile I came to understand that the login request already has to provide a token in order to prevent CSRF.
Does that mean that a "programmatic login" (using a remote form and do the login via POST) is not possible with UserSpice?
If it is still possible, I would appreciate some hints to achieve this.
