What is the more appropriate way to handle authorization in the iOS app

Question

I'm trying to create an iOS application that requires authorization on some REST-service. What is the more appropriate structure of such application?

I think that there's should be smth like SignInViewController with the appropriate text fields to enter username and password and I need to present it if one of the following conditions are met:

• No sign-in was previously done
• User credentials previously entered are currently invalid (of course, REST-service returns this info)

Ok, the first question is -- where should I place the code that checks the necessity of showing this view controller? In the func application(application: UIApplication, didFinishLaunchingWithOptions launchOptions: [NSObject: AnyObject]?) -> Bool function?

The next question is -- how should I remember the user credentials entered in the last time? Should I save it to the iOS keychain with the key named smth like "LastEnteredUserCredentials"?

Then, where should I place the code that does an HTTP-request to the REST-service for the user authorization in both cases (first authorization ever or authorization with the saved user credentials)?

Is there any elegant examples of doing such things?

Thanks in advance.

Answer 1

1. I think that most appropriate place to check your authorization status is in applicationDidBecomeActive
2. It would be better if you save all credentials in the keychain because it may share all data between all user's devices.
3. Use the singletone pattern by creating AuthorizationManager class, that contains all relevant code and generate notifications when the auth. status changed. Subscribe your app delegate to these notifications and let it present an appropriate view controller. Also the singleton could observe the UIApplicationDidBecomeActiveNotification notification (from NotificationCenter) so there is no need to modify applicationDidBecomeActive method of appDelegate