How to get CSRF when Android calls API of Django - android

I'm going to use a Django API for Android development, but I have run into the following questions.
1. Android is just giving me POST form data through a URL; how can Android get the csrftoken?
2. If the POST data is modified, for example, we originally need to delete the A information, but A is changed to B, which will cause the background to delete the B information, how can we prevent this from happening?
3. Where is Django's csrftoken stored? I looked at my database, but I didn't find it.
I'm just beginning to learn Django, so my question may look ridiculous, but I really want someone to help me.

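You can get the CSRF token from:
# django.core.context_processors was removed in Django 1.10; csrf() now lives here
from django.template.context_processors import csrf
# inside a view, where `request` is the current HttpRequest
csrf_tok = csrf(request)
csrf_token = str(csrf_tok.get('csrf_token'))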
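An added example, not part of the original answer and not Django's own code: a standard-library sketch of the cookie-plus-header comparison that Django's CSRF middleware performs by default, using Django's default `csrftoken` cookie and `X-CSRFToken` header names. It shows that the token travels in a cookie rather than the database, and that a valid token does not stop a changed `id` in the form, so the handler also checks ownership; the function names and sample records are hypothetical.

```python
import hmac
import secrets


def issue_csrf_cookie():
    """Server side: mint a random token and hand it out as the csrftoken cookie."""
    return {"csrftoken": secrets.token_urlsafe(32)}


def csrf_ok(cookies, headers):
    """Accept only when the X-CSRFToken header echoes the csrftoken cookie."""
    cookie = cookies.get("csrftoken", "")
    header = headers.get("X-CSRFToken", "")
    # Constant-time comparison; an absent cookie never matches.
    return bool(cookie) and hmac.compare_digest(cookie.encode(), header.encode())


def handle_delete(store, user, cookies, headers, form):
    """Simplified POST handler: CSRF check first, then authorization on the target."""
    if not csrf_ok(cookies, headers):
        return 403, "CSRF verification failed"
    item = form.get("id")
    # The CSRF token says nothing about the form body, so ownership is checked here.
    if store.get(item) != user:
        return 403, "not your record"
    del store[item]
    return 200, f"deleted {item}"


def demo():
    # Constructed sample data: record id -> owning user (stands in for the app's tables).
    store = {"a": "alice", "b": "bob"}
    jar = issue_csrf_cookie()  # the client made a GET first and kept the cookie
    echo = {"X-CSRFToken": jar["csrftoken"]}  # the client copies the cookie into the header
    return {
        "with_token": handle_delete(store, "alice", jar, echo, {"id": "a"}),
        "no_header": handle_delete(store, "alice", jar, {}, {"id": "a"}),
        "tampered_id": handle_delete(store, "alice", jar, echo, {"id": "b"}),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```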

Related

What I need for a successful GET request using retrofit android?

I'm trying to create my own application like an e-mail client. I use the Retrofit library and I have already managed to create a POST request for authorization via username and password. Maybe somebody can help me with structuring my general task (which classes I have to create or something like that), because I can't create the strategy of its development. I'm a beginner in Android development and also in the Retrofit library. When I first made a POST request it was like a surprise, because I didn't understand how it worked. So maybe somebody can advise me some tutorials or can explain from what I have to start for having a really successful GET request. I have some previous questions right here: Adding authorization header interface android retrofit. After some conversations with more professional developers, I have realized that I don't know where I have to begin. Thank you for your help.
I think this tutorial is good for you -> link

Authenticating Android app with PassportJS

I have been using passportjs for user authentication on my web application. Now, I am working on Android Client for same project. When I logged in with local strategy, I was successfully logged in on Android. However, after logging in, when I tried to get data from another URI on my server, I got 'Invalid Username or Password'.
When I checked req, there was no req.user object when android asked for data on a particular URI. When accessing the same URI from web application, it contained the user data on req.user object. There was nothing in the case of Android.
I learnt that for Android, we do token-based authentication. Then I came across bearer strategy in passport js. It had some options of redirect URLs. I think I can't handle redirect URLs in Android App.
I have already done a lot of work using the passport local strategy. Kindly let me know what I should do or look into if I want to use the same strategy for my Android application too.
I have found the answer to this question in the following thread. Posting it here, as it might help someone else.
https://plus.google.com/u/0/+SojharoMangi/posts/N1d5XQawSnU
After a quick search I found this package:
https://www.npmjs.com/package/passport-facebook-token

Android development: Getting data from WordPress

I'm making an Android app for displaying some school events (title of the event and a posted picture of the event).
The only thing I need for the app is getting data (String for the title, ImageView for the picture) from a server.
The answer to this post, Android Development : Getting data from the web, seems to be the easiest and the most straightforward way I could find.
"The easiest way to display posts into an Android application will be
to use JSON data on the web, and read it into a Master Detail Android
application.
On the website side, getting the data to display in JSON seems to be
the most difficult part of your problem. It would be easy if it was a
Wordpress site, as there are plugins that will do this for you.
On the application side, getting the data and parsing it into a master
detail flow is a fairly trivial task."
I know almost nothing about databases, networking, WordPress, and JSON. :(
I have made a WordPress account and installed the JSON plugin and the WordPress web server plugin. But that's how far I could get :(
My idea is:
In the WordPress blog site: make a post for each new event. The title of the post is the event title and the content of the post is just a picture, which is a post about the event.
On the app side: add a synchronize task within the onCreate function, so when the app is opened, it will check if there's any new post in the blog. If there's any, it will get the blog title and add it to the listView, and get the picture inside of the blog and create a new layout which has an ImageView for holding the picture.
As I said, I know nothing about web services and networking.
I have no clue about how to check if there's any new post in the blog compared with those events already in the app.....
These two examples are the closest I could get.
http://android.programmerguru.com/android-webservice-example/
http://wordpress.org/support/topic/phonegap-android-app-built-around-json-api (I don't understand this one! :/)
Please help! This thing is giving me a big headache! And it's the last step I need for the app!
Any help or sample code will be greatly appreciated!!
And most importantly, Merry Christmas, everyone! XD
There is a WordPress plug-in called JSON-API; it gives you the ability to access every object of WordPress (post, page, category, etc.) in the form of JSON. You can use any REST client like Volley from Google, Retrofit from Square, or build your own to access WordPress data.
Install the WordPress plug-in:
http://wordpress.org/plugins/json-api/
For sample code you can look at the WordPress for Android source code on GitHub:
https://github.com/wordpress-mobile/WordPress-Android
I ended up with writing my own JSON.

Spring 3 REST android user authentication

I searched for a similar question here. Couldn't find one, so please excuse me if this is a duplicate.
I am writing a RESTful web service using Spring 3.0.5. There will be a few REST services which require user authentication to update a few database tables. Our system has a USER table, so the authentication should happen against this table. The clients are Android devices. The REST requests/responses will be XML (not JSON or HTML). Now I have to implement security for the requests. I did search in forums/mailing lists, but was not able to find a solution for this. Any guide/ideas would be greatly appreciated.
Thanks in advance.
I suspect you'll need to add username and pw to the payload of your rest methods and have the client collect and pass those along.
If you do, you'll need to consider the security implications: encrypt the pw collected from the user and decrypt it in your service before passing it along, or maybe you'd consider simply requiring an SSL connection to be sufficient.
Also, you want to make sure you're using POST and not GET to connect to the service, as that would expose the username and pw stuff in the URL.

android to django - how to authenticate users

I'm trying to get json data from a django view (login required)
into a new android app I'm working on.
I would like to authenticate the user against the django login
and keep the cookie/session for all the django view calls to
get data from the server.
I did some googling but nothing helped me,
even if I guess it should be a quite common task.
Maybe I'm facing the problem from a wrong point of view..
So I'll switch the question to:
how can I do some user authenticated json request/response to a django server?
Any clue?
You have to do as the website expects, and you need to persist the session cookie.
What I did was use XML-RPC to do all the transfers.
Not exactly sure if it's the best way, considering Django's XML-RPC support is some kind of a hack.
Here's a very detailed XML-RPC handler for Django:
https://code.djangoproject.com/wiki/XML-RPC
Then, set up your client end on Android.
When communication is okay, start writing the server-end API.
from django.contrib.auth import authenticate
and use this function to do authentication.
Then for sessionId stuff, you need to go to backend db to manually do them: https://docs.djangoproject.com/en/dev/topics/http/sessions/
As you can see, this is why I don't think it's the best way. You can't send an HttpRequest, hence most Django built-in functions don't work.
