Reputation: 70416
How to develop an authentication to conform apple's terms and conditions?
I am developing a messenger for iOS.
Apple requires the user to be authenticated to restrict anonymous messaging
22.6 Apps that enable anonymous or prank phone calls or SMS/MMS messaging will be rejected
from guidelines https://developer.apple.com/appstore/resources/approval/guidelines.html
So I need a user authentication similar to WhatsApp's which could work this way:
- User enters phone number.
- Phone number is sent to server.
- Server sends an sms with a 3 (or 4, don't remember) digit code to that number.
- User enters the code.
- Code is sent to server.
- Code is validated and if it matches the user is authenticated.
I have the server side prepared. The only thing I need now is to implement the UI and authentication process on the phone itself. Since my main app is ready I want to know how to embed the authentication in the app.
My suggestion is to have a modally shown window if the user is not authenticated yet and require his phone number. Do I have to check if user is authenticated on every startup?
Any other ideas or suggestions?
Upvotes: 0
Views: 428
Answers (1)
Reputation: 3228
A modal view controller would be a great pick for the user interface. It has the benefit of encapsulating the web service call and handling it all within that view controller.
I would say no to re-authenticating the user each app launch, I would probably use NSUserDefaults once they successfully authenticate once to store credentials, an access token, or whatever identifying information you need to revalidate the user (without having to make the user aware of the re-authentication. The documentation has examples on how to work with NSUserDefaults and will get you where you need to go in that regard.
The gist of this approach is to make a new view controller subclass that handles the web authentication (and accessing NSUserDefaults) and then presenting it modally over an existing view controller.
You would do something like the following in your main view controller (or wherever you wish to present the authentication from):
// ....
AuthViewController *authVC = [[AuthViewController alloc] init];
[self presentModalViewController:authVC animated:YES];
[authVC release];
// do your authentication from with AuthViewController
// ....
Then, in whatever method would signify authentication is complete:
// ....
// note this is done within the AuthViewController
[self dismissModalViewControllerAnimated:YES];
// ....
Upvotes: 2
Related Questions
- How to achieve client validation in iOS?
- How to manage security and authentication in iOS programming for posting request and getting response?
- User registration and authentication service for iOS app
- Logging in to iOS app
- iOS simple authentication
- Security code for IOS app
- Need some way for authentication in iphone device
- Http Authentication in Objective C
- Creating HTTPS login on iOS?
- HTTP Authentication for iPhone