Update auth providers to return token so apps can re-authenticate automatically
Right now, users have to re-log in every time they launch the client app. It would be better to provide the auth token from the provider and let the client app re-authenticate automatically.
brian dunnington
shared this idea
Josh Twist has a helpful post on this topic here: http://www.thejoyofcode.com/Setting_the_auth_token_in_the_Mobile_Services_client_and_caching_the_user_rsquo_s_identity_Day_10_.aspx
Feel free to reach out to him directly on Twitter @joshtwist with questions regarding this post or head to the Mobile Services forums.
5 comments
-
Alexander
commented
This is now supported. Can be closed. http://chrisrisner.com/CountDownLatchs-and-Android
-
Michael
commented
"You can't do it with Microsoft account unless you do it with Live SDK, it's because the token passed back from Zumo Microsoft auth is signed and is not useful." - Thanks for that code snippet, but I guess it feels like I shouldn't even have to jump through those hoops (plus, I wanted to use Live). I'm sure they can figure something out to make this piece easier.
-
Xinyang Qiu
commented
It's already there for facebook and google account, something like following:
var task = App.MobileService.LoginAsync(MobileServiceAuthenticationProvider.Facebook);
var user = await task;
if (!user.UserId.Equals(""))
{
UserAccess userAccess = new UserAccess { userId = "Facebook web login access" };
await App.MobileService.GetTable<UserAccess>().InsertAsync(userAccess);App.MobileService.Logout(); // Log out the Web loging
if (userAccess != null)
{
JObject jobj = new JObject();
string token = (string) JObject.Parse(userAccess.identities).SelectToken("facebook.accessToken");
jobj.Add("access_token", token);// login again with access token
await App.MobileService.LoginAsync(MobileServiceAuthenticationProvider.Facebook, jobj);
await E2EZumoHelper.ZumoCRUD(4, "Token " + ZumoPermissions.Authenticated.ToString(), "Pass", "PermissionUser");await App.MobileService.GetTable<UserAccess>().InsertAsync(new UserAccess() { userId = "facebook token acces 1"});
App.MobileService.Logout();
}
else
{
LogMessage("[Hint]: App unable to get User Id, Make sure add insert script in userAccess table on the portal.");
return;
}}
For google, the parsing code is like:
string token = (string) JObject.Parse(userAccess.identities).SelectToken("google.accessToken");
jobj.Add("access_token", token);You can't do it with Microsoft account unless you do it with Live SDK, it's because the token passed back from Zumo Microsoft auth is signed and is not useful.
You can't do it with Twitter because twitter somehow don't support token login.
-
Michael
commented
Thanks for the link to that alternative, but I hope your team makes this one a high priority. Until this is implemented, I don't think I can use the built-in login method at all, and will have to do my own authentication as Josh did. Logging into an app every time would be bad for usability, except for certain app categories like banking.
-
Nate Bross
commented
It's hard for me to believe that this is not already a feature! Its crazy to make users login to your app every time. In same cases it might make sense, but not all, or even most I'd venture.
