简体繁体 English

我如何开发注册和登录系统Jquery mobile

[英]How I can develop a registration and login system Jquery mobile

原文 2013-12-11 21:08:35 0 2 php/ android/ jquery/ jquery-mobile/ mobile

hello guys at the moment I build a mobile application in jquery mobile my idea is finish the app in jquery mobile and later compile with phone build for IOS and android now my problem is I need build a registration and login pages for the app but dont have much knowledge about this for example I want do this with the best security for users data and have the idea that will need a web server to store and validating the data that will come from the app 大家好，我现在在jquery mobile中构建一个移动应用程序，我的想法是在jquery mobile中完成该应用程序，然后使用IOS和android的手机构建进行编译，现在我的问题是我需要为该应用程序构建一个注册和登录页面，但没有例如，我对此有很多了解，我希望为用户数据提供最佳的安全性，并认为需要Web服务器来存储和验证来自应用程序的数据

for example a user register in my app and the information will be sent to my web server later when the user try login, the app will verify the information for example email and password and if the user put all correct info he will get the access but now I see some tutorials and dont know how I will be doing this can anyone help me or give me some instruccions to do this? 例如，一个用户在我的应用程序中注册，并且该信息将在以后用户尝试登录时发送到我的Web服务器，该应用程序将验证该信息，例如电子邮件和密码，如果用户输入了所有正确的信息，他将获得访问权限，但现在我看了一些教程，不知道我将如何做，有人可以帮助我还是给我一些指导来做到这一点？ I know that jquery mobile dont work with php 我知道jQuery mobile不适用于php

2 个解决方案

you have to setup an http (backend) service which is able to store user-password key-value pairs consistently. 您必须设置一个http（后端）服务，该服务能够一致地存储用户密码键值对。 the passwords should be md5(+salt) which is the minimum of password security you can do without too much previous knowledge. 密码应为md5（+ salt），这是您无需太多先验知识即可进行的最低密码安全性。 there are many plugins to do the encryption directly on client side. 有许多插件可以直接在客户端进行加密。 just take a look here . 请看这里。 as your application growth and the security issue got more weight you should think about something like AES encrypted . 随着应用程序的增长和安全问题的日益严重，您应该考虑使用AES加密之类的方法。

furhtermore you have to get an html formular which is asking for the user/password combination. 此外，您还必须获取要求用户/密码组合的html公式。 you can send the formular data via an ajax request to your backend. 您可以通过ajax请求将配方数据发送到后端。 described here . 这里描述。

within the callback of the ajax request you can redirect your session/ the user to secured content or whatever. 在ajax请求的回调中，您可以将会话/用户重定向到受保护的内容或其他内容。 there are some hidden disadvantages of doing an "virtual" session on client side. 在客户端进行“虚拟”会话有一些隐藏的缺点。 better way is to extend your backend service to send an token or something similar after recognizing an valid/known user. 更好的方法是将您的后端服务扩展为在识别出有效/已知用户之后发送令牌或类似内容。 or even combination of both techniques, to prevent session hijacking . 甚至两种技术都结合使用，以防止会话劫持。

the simple backend service is maybe a php/perl/java-serlvet/cpp service. 简单的后端服务可能是php / perl / java-serlvet / cpp服务。 as you are free to choose any available framework. 因为您可以自由选择任何可用的框架。 as you like javascript - like i do - you should take a look here: node.js . 就像我喜欢javascript一样，您应该在这里看看： node.js 。

I have put together an end-to-end example, with unit tests, based on my own experience doing this. 根据我自己的经验，我将端到端示例与单元测试放在一起。 It uses Node.js and MongoDB on the backend and you can easily port it to your favorite stack. 它在后端使用Node.js和MongoDB，您可以轻松地将其移植到您喜欢的堆栈。

Check it out here: Using MongoDB and Mongoose for User Registration, Login and Logout in a Mobile Application 在此处进行检查：使用MongoDB和Mongoose在移动应用程序中进行用户注册，登录和注销