Share My Creation (PHP/MySQL/API) User Login App

Web API






Android App




 
Last edited:

aeric

Expert
Licensed User
Longtime User
B4A User Login App (App.zip)
Note: In Starter module, under Process_Globals, you can change the values to your own values.
B4X:
    'Dim strURL As String = "http://172.20.10.6:8000/api/"                         ' Local / Development (Hotspot)
    Dim strURL As String= "https://api.computerise.my/"                            ' Remote / Production
    Dim DEMO_EMAIL As String = "myemail@gmail.com"
    Dim DEMO_PASSWORD As String = "mydemopass"
    Dim DEV As Boolean = True

PHP Web API (api.zip)
SQL script to create the database is included in the zip file.
Note: In my shared hosting, I need to rename folders in views to start with capital letter. Example: wwwroot/api/views/Home.

 

Attachments

  • api.zip
    451.6 KB · Views: 2,135
  • App.zip
    50.1 KB · Views: 1,946
Last edited:

Alexander Stolte

Expert
Licensed User
Longtime User
I am also thinking to use B4J to build the backend after this. If you can share your creation then it would be great.
so far i only have the front end and a database concept.
I'm currently learning how to store passwords securely in the database and how to use an Auth-Token system, so that a logon will expire and you need a new token via user data.
 

TILogistic

Expert
Licensed User
Longtime User
https://api.computerise.my/user/getapikey

Result:

[{"result":-1,"message":"Error-No-Value"}]

B4X:
Dim parser As JSONParser
parser.Initialize(<text>)
Dim root As List = parser.NextArray
For Each colroot As Map In root
    Dim result As Int = colroot.Get("result")
    Dim message As String = colroot.Get("message")
Next

this should be the result ??

{"result":-1,"message":"Error-No-Value"}

B4X:
Dim parser As JSONParser
parser.Initialize(<text>)
Dim root As Map = parser.NextObject
Dim result As Int = root.Get("result")
Dim message As String = root.Get("message")
 

Alexander Stolte

Expert
Licensed User
Longtime User
I used password hashing, random salt, security code and api key.
And on the client side?
In the app the password should first be hashed + salt, then sent to the api and then hashed + salt again. I found an interesting article here that I looked at at the beginning of the week.

security code
You mean the e-mail confirmation?

I find the topic very exciting, as it is the one that worries me the most.
 

TILogistic

Expert
Licensed User
Longtime User
Very Good

And on the client side?
In the app the password should first be hashed + salt, then sent to the api and then hashed + salt again. I found an interesting article here that I looked at at the beginning of the week.

Other tips:

Custom Token and Protect (Password, Data the send Api)



Search google:


Note:
All programming language is good, it is only the logic of the programmer that makes it powerful.
 

aeric

Expert
Licensed User
Longtime User
The reason of result is a list instead of map is because based on my previous experience, in some scenarios I want a list. So I make the result return a list as default for all scenario. If a scenario where empty result is return then I will get a pair of square brackets.
 

aeric

Expert
Licensed User
Longtime User
Just checking, are we meant to interpret these two sentences as you saying that PHP is less secure that B4J?
My opinion is PHP and B4X can be same as powerful in term of security which depend on how the developer implement it. One reason I use PHP is I don’t need to own a VPS to demo this project.
 
Cookies are required to use this site. You must accept them to continue using the site. Learn more…