Automatic Login from iOS/Android app


(Ugo Chirico) #1

Hi,
I’m writing an android/iOS app that points to my discourse instance.
This is the scenario:

  1. When the mobile app starts for the first time I create a user on my discourse instance by calling the API by setting active=true. the user should be already active (without needing to activate again it by email)
  2. I store username and password in the mobile app after successfull creation.
  3. When the app starts I want to automatically login the user to discourse and show him the home page with the login done.

Is there a way to do that?
How can I do that?


(Sam Saffron) #2

This is super timely :slight_smile:

See:

Working on it this week.

Basically after we generate an API key we redirect to a universal link that your app can open.

Definately do not ship API keys in the app, you are 1 jailbreak away from hackers doing whatever they want to your website.


Creating Auto login from android app to discourse
(Kane York) #3

one jailbreak away? More like one adb backup away.


(Ugo Chirico) #4

Hi Sam,

this features seems really interesting.

I read your suggested post. I’m in use case 2: Mobile applications that poll Discourse sites on behalf of end users and handles push notifications.

But I don’t understand how to use this new feature in my app.

These are my requirements:

  1. I put in the app a WebView that displays my discourse instance as is (I don’t want to write an app from scratch by using the API like the one I saw on GitHub);
  2. The first time the app starts I create a new user linked to the user’s mobile phone ID. The user must be active i.e. no needs for confirmation email;
  3. I store username and password (and any other info and keys) in the app memory (in the sandbox);
  4. From now on every time the app starts the WebView must show my discourse instance already logged in using stored username and passwor, i.e. I don’t want to show the login panel to the user every time he runs the app.

Can you explain me how to use it in my app to satisfy my requirements?

BTW I know that API keys must not shipped in the app. There are several ways to avoid from that :wink:


(Parinita Sandhu ) #5

were you able to find a solution for this problem?
I’m trying to do exactly the same thing.


(Joffrey Jaffeux) #7

Can you try uninstalling and reinstalling the app please ?