3

I'm working on a project that involves a native iOS client as well as a web back end (a Padrino app, if it matters). I've got Facebook authentication working fine for either one individually; but what I would like if at all possible is for the user to login using the native app using Facebook's iOS SDK, and then for this authentication to somehow make it all the way to my servers. The alternative seems to be to require the user to log in twice with Facebook, which I'm sure can't be right.

Is this possible? Alternately, what is the standard way to solve this problem?

Dan Tao
  • 125,917
  • 54
  • 300
  • 447
  • Why would the back-end want to do anything with the user's Facebook account? – nhahtdh Jun 12 '12 at 03:05
  • @nhahtdh: Sorry, the question might have been a bit misleading. I want to share authentication, but I am not just using Facebook for auth. The whole application is based around the Facebook graph API; so most of the logic involving users' friends, profiles, etc. will exist on the back end. Unless, of course, what I'm asking isn't possible. – Dan Tao Jun 12 '12 at 03:09

1 Answers1

4

I've done this before, and it wasn't a problem. Once you obtain the proper tokens in your iOS client, you should be able to share those with your server to allow it to perform the same requests. Just be careful about how you send those sensitive tokens to your server!

jimt
  • 1,980
  • 2
  • 21
  • 28
  • Nice, I was hoping someone else had success with this. I just need to dig in a little and figure out which token(s) I need to share. As for your warning: is sending the tokens via HTTPS good enough, you think? Or were you implying something else? – Dan Tao Jun 12 '12 at 12:15
  • It's my understanding that sending this over HTTPS should be fine. See here: http://stackoverflow.com/questions/1582894/how-to-send-password-securely-over-http – jimt Jun 12 '12 at 18:09
  • Finally got around to testing this (well, several days back) and it worked like a charm. Thanks! – Dan Tao Jun 20 '12 at 17:08