I'm building an iPhone app, which will communicate with my own API. Users authenticate within the app through Facebook, Twitter or email/password. Their user data returned is then sent to my API, which returns a JWT, which is used for further requests.
What is the best way to implement this?
Currently, I have built the API so that users can login/register via email and password, however now I need to add OAuth support.
One idea was to register the user using the email returned from the OAuth provider, and use their access token as the password, however if this access token changes in the future it renders their account unusable.
Aucun commentaire:
Enregistrer un commentaire