How does login usually work in ios app? [closed]

Question

How is user authentication usually implemented in IOS app?

I am thinking of doing the following:

1. User completes form with username and password in app.
2. Username and password sent to server.
3. Server verifies username and password. Authenticates user. Sends back token.
4. Token stored in iOS APP (in preferences or wherever you store such things).
5. Next time user opens the app, token retrieved from settings and is sent to server to authenticate user for various functions.

Is that how login works in ios app?

Answer 1

Generally, authentication may be required for communication with web services. For example, if a service returns user account information (or any user specific data), then the request should be passing in some kind of authentication token that both identifies the user and qualifies as "yes, this client can have this data". The standard practice for this is to send in a cookie, just as a web browser might persist authenticated state. The authentication request should set the cookie on the response. In your app, you can check for your cookie to see if the user has been authenticated. Step 5 is half right, you might want to check for authentication and put up a sign in screen, but you might want the app to be usable offline, and therefore don't need to send in another authentication request if the token/cookie exists.

You might want to check out OAuth. http://oauth.net