ios - Best solution to refresh token automatically with AFNetworking? -


once user logged in, token (digest or oauth) set http authorization header , gives authorization access web service. if store user's name, password , token somewhere on phone (in user defaults, or preferably in keychain), user automatically logged in each time application restarts.

but if token expires? "simply" need ask new token , if user did not change password, should logged in once again automatically.

one way implement token refreshing operation subclass afhttprequestoperation , take care of 401 unauthorized http status code in order ask new token. when new token issued, can call once again failed operation should succeeds.

then must register class each afnetworking request (getpath, postpath, ...) uses class.

[httpclient registerhttpoperationclass:[retryrequestoperation class]]

here exemple of such class:

static nsinteger const khttpstatuscodeunauthorized = 401;  @interface retryrequestoperation () @property (nonatomic, assign) bool isretrying; @end  @implementation retryrequestoperation - (void)setcompletionblockwithsuccess:(void (^)(afhttprequestoperation *, id))success                               failure:(void (^)(afhttprequestoperation *, nserror *))failure {     __unsafe_unretained retryrequestoperation *weakself = self;      [super setcompletionblockwithsuccess:success failure:^(afhttprequestoperation *operation, nserror *error) {         // in case of 401 error, authentification email/password tried once renew token.         // if succeeds, opration sent again.         // if fails, failure operation block called.         if(([operation.response statuscode] == khttpstatuscodeunauthorized)            && ![weakself isauthenticateurl:operation.request.url]            && !weakself.isretrying)         {             nsstring *email;             nsstring *password;              email = [sessionmanager currentuseremail];             password = [sessionmanager currentuserpassword];             // trying authenticate again before relaunching unauthorized request.             [servicemanager authenticatewithemail:email password:password completion:^(nserror *logerror) {                 if (logerror == nil) {                     retryrequestoperation *retryoperation;                      // authenticated again, same request can launched again.                     retryoperation = [operation copy];                     // tell retry. ensures not retry indefinitely if there still unauthorized error.                     retryoperation.isretrying = yes;                     [retryoperation setcompletionblockwithsuccess:success failure:failure];                     // enqueue operation.                     [servicemanager enqueueobjectrequestoperation:retryoperation];                 }                 else                 {                     failure(operation, logerror);                     if([self httpcodefromerror:logerror] == khttpstatuscodeunauthorized)                     {                         // authentication returns unauthorized error, user seems not authorized anymore.                         // maybe password has changed?                         // user logged out redirected login view.                         [sessionmanager logout];                     }                 }             }];         }         else         {             failure(operation, error);         }     }]; }  - (bool)isauthenticateurl:(nsurl *)url {     // path depends on implementation, can "auth", "oauth/token", ...     return [url.path hassuffix:kauthenticatepath]; }  - (nsinteger)httpcodefromerror:(nserror *)error {     // how http status code depends on implementation.     return error.userinfo[khttpstatuscodekey]; }

please, aware code not work is, relies on external code depends on web api, kind of authorization (digest, oath, ...) , kind of framework use on afnetworking (restkit example).

this quite efficient , has proved work both digest , oauth authorization using restkit tied coredata (in case retryrequestoperation subclass of rkmanagedobjectrequestoperation).

my question is: best way refresh token? wondering if nsurlauthenticationchallenge used solve situation in more elegant manner.

your current solution works , have code it, there might reasonable amount of code achieve approach has merits.

using nsurlauthenticationchallenge based approach means subclassing @ different level , augmenting each created operation setwillsendrequestforauthenticationchallengeblock:. in general better approach single operation used perform whole operation rather having copy , update details, , operation auth support doing auth task instead of operation completion handler. should less code maintain, code understood less people (or take longer understand most) maintenance side of things balances out on all.

if you're looking elegance, consider changing, given have working solution there little gain otherwise.


Comments

Post a Comment

Popular posts from this blog

javascript - RequestAnimationFrame not working when exiting fullscreen switching space on Safari -

request animation frame stops working when exiting fullscreen clicking on original space's safari window. fine if fullscreen mode canceled escape key or calling cancelfullscreen(). steps reproduce: open https://dl.dropboxusercontent.com/u/769042/prezi/safari-fullscreen.html click "draw raf", kittie appears click "fullscreen", go fullscreen click "draw raf", kittie appears go space original safari was, showing "click exit fullscreen mode", click anywhere, out fullscreen click "draw raf", nothing happens what handling click calling: window.requestanimationframe(draw); which draws on canvas context: function draw() { ctx.drawimage(img, math.random()*500|0, math.random()*400|0, 100, 100); } i checked .hidden , .visibilitystate, updated correctly. tested on osx 10.9.3, safari 7.0.4 (9537.76.4). has workaround/solution other switching old settimeout? this sounds webkit bug 88940 : using reque
Read more

Python ctypes access violation with const pointer arguments -

i have api i'm trying wrap in python (2.7.6 on win7) code using ctypes. here's api: client_dllfunc bool clientapi search_exporttoclipcopy(clienthsearch handle, int channel, lpctstr filename, const time_t& from, const time_t& to, const bool* cameras, int length, bool usepassword, lpctstr password, bool includetextin = false, bool excludeplayer = false); the issue i'm having cameras argument; , i've had issue other const pointer arguments well. here's how i'm wrapping api: def search_exporttoclipcopy(self, hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, password, includetextin=true, excludeplayer=false): exporttoclipcopy = self.sdkdll.search_exporttoclipcopy exporttoclipcopy.argtypes = [c_int, c_int, c_wchar_p, c_long, c_long, pointer(c_bool), c_int, c_bool, c_wchar_p, c_bool, c_bool] exporttoclipcopy.restype = c_bool exporttoclipcopy(hsearch, csearch, filename, tfrom, tto, cameras, length, usepassword, pass
Read more