Swift和REST API身份验证
[英]Swift and REST API authentication
问题描述
I've built a REST API, which does token-header based authentication. 
我建立了一个REST API,该API进行基于令牌头的身份验证。
So if a user logs in, the response the client (the Swift device) will get is something in the json body {} and then a header which an authentication token. 因此,如果用户登录,则客户端(Swift设备)将获得的响应是json主体{} ,然后是身份验证令牌的标头。
Everytime I want to get data GET request from the API, I have to pass in this header before making the request. 每次我想从API获取数据GET请求时,都必须在发出请求之前传递此标头。
Is the best ( secure ) way to accomplish this to create a constants file with the equivalent of public static final String AUTH_TOKEN = (token received and set) in Swift? 是最好的( 安全的 )方法来完成此操作,以在Swift中创建一个等效于public static final String AUTH_TOKEN = (token received and set)的常量文件吗?
And then to make a request after login, get this constant from this file and proceed? 然后要在登录后发出请求,请从此文件中获取此常量并继续? Surely there has to be a better and more secure way? 当然,必须有一种更好,更安全的方法吗?
1 个解决方案
解决方案1
0 2017-09-11 05:24:10
The most secure way to store the token is using the Keychain . 存储令牌的最安全方法是使用Keychain 。 This will also persist the token if they are to uninstall/reinstall the application. 如果他们要卸载/重新安装应用程序,这还将保留令牌。 Where as UserDefaults and CoreData will remove the data on uninstall. 其中, UserDefaults和CoreData将在卸载时删除数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.