-1

I've developed a website with the usual crud functionalities in Codeigniter and MySQL. I'm now tasked with creating a mobile app (with the same functionalities ) in Ionic 2.

To access my database with Ionic, I created a REST api -- which I was able to manipulate smoothly.

My questions are:

  1. How, or can I, use my MySQL users' credentials to log in on my Ionic 2 app?
  2. How can my web and mobile can share the same database?

I've been reading a lot about Fire base,etc. However, my tiny brain is unable to comprehend whatever I read. If anyone can point me to right direction, I would highly appreciate it. Thanks!

angelo123
  • 3
  • 2
  • 1
    If you already got a REST API set up, I don't understand the question. Isn't that API the only one that needs to talk to the db? And all the Apps talk to that api. – Jeff Jun 29 '17 at 20:34
  • *this is my first time using Ionic2 btw, or for this matter, developing a mobile app :\ – angelo123 Jun 29 '17 at 20:34
  • Yes, I've set up a REST api -- I'm just not entirely sure if I'm doing this correctly with all the reading I've been doing. Thanks Jeff! – angelo123 Jun 29 '17 at 20:56

2 Answers2

1

When developing an Ionic App you have to think of it as if you were developing a regular website. The only difference is that you have access to native device features with cordova plugins, but the whole flow is almost exactly like in a regular website (it is an angular application after all).

This means you can use your API just like you use it in your website. There is no need to use firebase. (Firebase is kind of like a database itself that you could use INSTEAD of your MySQL backend)

Andreas Gassmann
  • 6,334
  • 7
  • 32
  • 45
0

Totally agree with @Andreas. When you build a modern application that supports on the different platforms such as web or mobile, you need to design a standard API and then next step is to build a web application/mobile app to consume this API. And because of all the web/devices are all consuming from the same API, they are interacted with the same database. Unless they are using different API. Can refer to the image below for easy understanding.

REST API

So talk about how authentication and authorization can be done from the mobile app or from the web app. You should take a look at OAuth2. It is a protocol for securing API services from untrusted devices, and it provides a nice way to authenticate mobile users via what is called token authentication.

The workflow will look like below, on both web and mobile app.

  1. A user opens up your mobile app and is prompted for their username or email and password.

  2. You send a POST request from your mobile app to your API service with the user’s username or email and password data included (OVER SSL for sure. If you don't know about it, google it).

  3. You validate the user credentials, and create an access token for the user that expires after a certain amount of time.

  4. You store this access token on the mobile device, treating it like an API key which lets you access your API service.

  5. Once the access token expires and no longer works, you re-prompt the user for their username or email and password.

Reference

REST API from PHP

The ultimate guide for Mobile Security

trungk18
  • 19,744
  • 8
  • 48
  • 83
  • This is a great explanation! Thanks trungk! – angelo123 Jun 30 '17 at 10:25
  • Glad to see it help you. Seem you have duplicated your comment, and actually thank you comment are not really necessary. Also there is a similar question about mobile authentication here. https://stackoverflow.com/questions/19799416/how-do-popular-apps-authenticate-user-requests-from-their-mobile-app-to-their-se – trungk18 Jul 03 '17 at 02:37