We have a website, which uses social networks to logging in. Now we are building a mobile app for it. The question is - how we can perform secure login on the server side?
Now logging in mobile app is implemented. We receive uuid and auth_token on mobile, now we need to perform authentication of user on the server. We can't just use uuid because it is insecure, and we can't use auth_token because it changes over time.
Googling only brings me to such thing as "open webview and perform login" - which, i think, is a bad design, because user can't use system accounts and should enter credentials for those networks, where he is logged in already.
I am really confused. What would you recommend me to do?
Aucun commentaire:
Enregistrer un commentaire