How to authenticate iOS/iPhone users with remote web application and re-use authentication ticket in future requests to the same web application?

Question

I am building an iOS application and I need to be able to make authenticated requests to a Rails 3 application for various bits of data. The Rails 3 application is using omniau

Answer 1

For my app this is what I'm doing.

My app is using devise with omniauth for login and user stuff. Devise by itself can generate a unique token, with the flag token_authenticatable. So on my login request, if the login is successful I reply with a JSON representation of my user and my user token. I save all that on the phone memory.

Then on every request I add the param auth_token=MY_USER_TOKEN.

And that's about it.

I had just a problem with the Facebook auth, because I'm using the Ios facebook SDK, so I forward the FB token to my app, verify it, and then just return the same devise auth_token for all following requests.