Phonegap & Jquery mobile app to use Codeigniter Ion Auth backend for login

Question

I already have CRUD web application which is build using Codeigniter PHP framework and Ion Auth authentication library (for Codeigniter). So users needs to log-in to use the site etc.

Now Im building small mobile app using Phonegap & jQuery mobile which uses this same backend. There is "REST like" api in backend which handles all ajax requests from mobile client.

How should I handle user authentication for this mobile app? I want to use as much as possible existing backend codebase.

Im planning something like this:

• From client send username & pass to server
• Return session id back to client from server
• Store session id to client (local store)
• Send that token in each requests to server and validate it in serverside.

How to do this in backend side? For login, I can use Codeigniter Ion Auth library login methods and get Codeigniter (PHP) session id. In second request when user send some actual data together with sessoin id, how to validate the session id? Or is it better idea to build completely new login functionality for mobile app authentication than try to use existing functionality (Codeignitre Ion Auth library)?

All ideas and suggestions are more than welcome!

Answer 1

I think the best solution is just to put a middleware between your controllers and the request.

You can do that with the Hooks : http://ellislab.com/codeigniter/user-guide/general/hooks.html

Use the pre controller hook.

For managing easily API requests, play with the HTTP code

• 404 : Not found item (like /client/:id)
• 500 : The server has a problem
• 401 : There is no token
• 403 : This token is not authorized to access this resource (like a simple user who wants to access admin stuffs)

You have all the codes here : http://en.wikipedia.org/wiki/List_of_HTTP_status_codes

Avoid to use a complex library when you can do it easier. The hooks is the best for me.

I use NodeJS and the concept is the same with Express middlewares.