I don't have much experience with authentication for mobile apps.
I am using Play framework as backend. Play supports cookie-session authentication, which is great because it keeps the server stateless. Can this mechanism apply to mobile apps (native, no web views) as well?
I can only speak for android as I have never developed for ios.
In Android all you have to do is enable Cookies for your URLConnections.
See here or search yourself. Questions to this can be easily found as there are a lot.
Related
I've watched some videos about Bubble.io that you can create mobile applications without code, in addition to building and linking the database of the system and doing the work/process flow of the App. Can this platform provide us with the functionality and build both the frontend and backend to release a native mobile app
Yes, you can create web apps with Bubble.io and wrap them into native Android / iOS apps with the converter Natively. It allows enabling a lot of native features like push notifications, biometrics authorization, geolocation, universal links etc.
FYI, FlutterFlow is a pretty great alternative to Bubble.io in building mobile apps in terms of functionalities. Bubble.io is preferable for apps that need quick pivoting (changes are made real-time to end users without having to rebuild the app and to require users to update their apps) yet it is incomparable to FlutterFlow and other mobile app builders in terms of UX. Fair trade off I think.
I'm using the firebase-ui-android authentication flow for my mobile app.
I would like to do the same for my desktop app, but it doesn't seem like there is an equivalent framework; the closest seems to be firebase-ui-web.
Now I'm playing with the idea of (ab?)using firebase-ui-web to run locally on the client machine for authentication.
However, since firebase-ui-web seems to be aimed at the server I'm a bit wary running it on the client side.
The desktop app is fairly simple, it pretty much only needs to read some firestore data.
What are my options here?
The only ways to connect with Firebase are by an Android, an iOS and a web app.
There is no support for desktop apps.
But, you can create a native sync service to link your desktop app with Firebase users throught a web service.
It is feasible to have a desktop app to connect to Firebase. However you should create a hybrid desktop app using electron or other platforms that is by nature use web and javascript. Here is an example of using electron to manage firebase: https://www.electronjs.org/apps/firebase-admin
You can use Google Sign-In for TVs and Devices for that case.
This is not perfect, because you need to use additional access code, but it can work with desktop applications as well
I am about to start a project to develop app that will run on iOS and Android. Most of the functionalities are very basic. Creating membership, login, viewing some content, entering forms data etc. However, there will be many pages. It is like a Web Site. iOS and Android App will have same functionalities.
I am considering developing this as Web App then creating a native iOS and Android App with a WebView. In that case, my users will download the apps from App Store and Play Store but my Web App will work inside that native apps.
I am willing to do that because apps functionalities will be same and there many simple pages in the apps. This will give me huge benefits. For example, i will implement once and use it in two different app, create new releases mostly without publishing the apps again etc.
I am planning to implement mobile app related things on the native apps like Push Notifications, Crash Reporting, Google Analytics etc. and rest of the functionalities in the Web App
Is this a common practice?
Is there any name for it? (I believe this is not a Hybrid App since Web App will be remote on the cloud)
What are the possible technical difficulties?
What other technologies i need?
How can i done Authentication / Authorization securely (My users will login to app once and then use it without login each use of the app)
Is there any rule against it? Like does the Apple App Guideline allow it?
Is there any framework to use for such need?
Thanks
I wouldn't recommend you to build a native app just for the use of a wrapper. In this case it is better to write a responsive web app. You can bookmark the website on your home screen and it will use the favicon as the apps icon.
Check out progressive web apps. This may be what you are looking for:
Progressive Web Apps
I basically want to want to authenticate with ADFS as an external identity provider in a native ios/android app. Preferably with a seamless login experience, but that may be asking to much.
The setup that I want is pretty much the one described here except that I moved the identity stuff to an STS project. The ios and android apps are accessing the web api.
I also used this pluralsight course.
Now I "just" need a way to use the credentials received from the mobile app to issue an access token.
I need to know if I am on the right path. I am using:
IdentityServer3.
Oauth2 and OpenID Connect. (using password grant)
The solution has to work on adfs 3.0.
NET 4.6 web api and mvc solutions running in azure.
I have been looking at the ADAL.NET project, but that seems to be primarily for Xamarin and I already have the ios and android developed natively.
Questions:
What is the best approach going forward?
Are there any (perhaps new) technologies that i am completely
missing?
Your basic problem is that with ADFS 3.0, there is no OpenID Connect support and very limited OAuth support - basically just auth. code grant for web API.
Much along these lines.
If you want the full stack (ala what you have with idsrv3), you need ADFS 4.0.
You could federate idsrv3 with ADFS using WS-Fed for the final hop.
I'm developing an iOS app and Android app that have to read data from (and maybe write data to) my web app. On the web app the users login, modify a dashboard (their data), and their changes are reflected in the iOS and Android apps. Pretty basic stuff. I just don't know what a good design for me is.
Things I'm considering:
The web app is a client. The web app makes calls to an API I build where
all the user's data is added/modified. Android and iOS apps both
make calls to this API as well.
The web app lets users login and modify the dashboard. As changes are made they are fired off to a BaaS (such as QuickBlox, StackMob, Parse, CloudMine, etc...). The iOS and Android apps make calls to the BaaS.
The web app is everything. User logs into web app, modifies data. Android and iOS both make calls to web app.
Your recommendation...
Considerations:
I'm a junior dev with limited but growing experience. I'm fairly comfortable with Ruby. Java and Objective-C is a WIP.
I want to get this up and running ASAP. Willing to do a V2 the "correct" way once I get customers or funding.
Please advise on architecture. Thank you.
You can use Webview for Android. Read this link:
http://developer.android.com/reference/android/webkit/WebView.html