Drupal connected iPhone application using services and authentication.
May 19th, 2010 | Published in Drupal, iPhone, Javascript, MySQL, PHP, Titanium | 12 Comments
So I’ve built my first Drupal connected iPhone application. It uses the services module and authentication. I couldn’t find any code examples of using authentication online anywhere so I am including some code examples in this post in hopes that it will help someone else.
Firstly, I followed the tutorial I found in the CivicActions blog, and after I saw how to use the code to connect to a web service, I decided to look for how to use authentication, since the website I am building an app for uses authentication for the web services.
I used the suggested JS SHA256 library in the CivicActions tutorial, and came up with the method to use it properly while communicating with the services module.
Here is the code you’ll need, keep in mind this is using Titanium Developer, all code is written in Javascript, and you’ll need the iPhone emulator in order to see the results.
var servicesURL = 'http://example.com/services/json';
var domain = 'example.com';
var date = new Date();
var obj = {
method: service,
domain_name: domain,
domain_time_stamp: date.getTime(),
nonce: rnd(), /* just a random function that returns a random string */
sessid: sessionid
};
// create the hash using secure hash algorithm using 256bit encryption
obj.hash = HMAC_SHA256_MAC(apikey, obj.domain_time_stamp+";"+obj.domain_name+";"+
obj.nonce+";"+obj.method);
// this is your view name, be sure your authentication key allows access to views.get
obj.view_name = 'the_drupal_view';
// create the connection to our services module and send json data via POST
var xhr = Titanium.Network.createHTTPClient();
xhr.open("POST", servicesURL);
xhr.send({data: JSON.stringify(obj)});
// once our data has returned the onload function is used
xhr.onload = function(){
// perform your code here with the data coming back,
// data will be the object containing the response.
var data = JSON.parse(this.responseText);
// you can use Ti.API.info(JSON.stringify(data)) to output your response to the console
}
After I figured out how to put together the proper call out to the services from Javascript, I was able to format some data, here is my result:
Drupal connected iPhone application
Download the JS SHA265 library: js sha256 version 0.1
May 21st, 2010 at 10:46 am (#)
this looks very interesting, but if your using appcelerator, then how is the ANDROID side of the project working? Did you do an ANDROID project?
May 21st, 2010 at 2:55 pm (#)
Hi Vincent, yes the Android product is coming along well too, there will be some subtle differences between the two only look and feel wise, the code and data remain the same. I’ll post some screen captures with the Android simulator once the design is in place. I’m excited about the Android release too. Are you building your apps with Appcelerator or another tool?
Cheers,
Chris
June 10th, 2010 at 7:47 am (#)
I was using native OC for just iPHONE. Drupal back end. But not much luck with the services module. I did not put a lot of time into SERVICES becuase I was waiting for the new 3.0 version to come out, and I have an alternative solutions. Plus, I really dont need authentication at the moment anyway. But I like the direction of what your doing. I will be very interested to see how your android solution is working.
September 8th, 2010 at 11:42 am (#)
Wow, this is exactly what I was looking for. We have Appcelerator-based apps for iPhone, Android and iPad here at the New York Senate, and are now moving to use the Services module to retrieve data from our NYSenate.gov site (instead of scraping like we do now).
Thanks for getting the ball rolling with this, and sharing your code!
October 6th, 2010 at 2:27 pm (#)
How did you get the call to HMAC_SHA256_MAC() compile with titanium? Is it supported in their crypto libs?
October 19th, 2010 at 2:46 am (#)
Hi Chris,
I posted a working solution titled “Drupal + JSON Server + HMAC Authentication + Titanium” at:
http://groups.drupal.org/node/89679#comment-319534
There’s a bit of code to wade through but I was hoping it would help others who, like myself, are still very new to this.
Thanks heaps for starting off this thread it helped heaps!
Cheers,
Rob
January 28th, 2011 at 9:16 am (#)
I apologize for the delayed response to your reply, my blogs notification seems to have stopped when I receive a comment. When I first compiled the SHA256 functions i was getting a ton of warnings and errors in the script, and it wouldn’t compile, although it was working fine in non-appcelerator tests. So i read through all the errors and warnings, all I had to do was declare variables and if I remember correctly appcelerator doesn’t like for loops or if/else statements that do not use parenthesis to start and end the statements.
January 28th, 2011 at 9:20 am (#)
Honestly, so happy that I could help. When I was first started using appcelerator i couldn’t find any documentation on authentication dealing with web services, and I looked good and hard! So once I got things going I made sure that I posted my code in hopes that it would help someone that needed it.
March 16th, 2011 at 6:58 am (#)
Hi Chris:
Thanks a lot for sharing !
I’m finding my way at using Drupal services and Titanium and your post was a godsend!
I’m quite a noob with Drupal services and am wondering how you do generate the authenticated user session id.
My first guess is that to use system.connect to generate the session id, and then user.login , to authenticate the session id.
Afterwards follow just your example.
Would be great if you could share how you are handling the entire process.
I am also wondering how long we can persist the session id. To avoid storing the user name and password, saving the session id as a property could be a good workaround.
As I stated before , I am a noob at this, and don’t understand from the example code how you are handling user authentication.
Thanks in advance!
Richard
April 25th, 2011 at 3:50 am (#)
Hi Chris,
Which version of the JSON Server are you using? I’ve been on this for hours, in-n-out of forums practically all over the place.
Thanks,
Jason
May 4th, 2011 at 7:36 pm (#)
You have developed this for iPhone using titanium. But, isn’t it a problem on calling cross site XML-RPC ??
August 2nd, 2011 at 10:43 am (#)
Hi Chris,
Thank you for the great example.
Do you happen to have any successful sample code in saving a node with this setting?