Sunday, December 10, 2017

https PHP/MySql webservice with ios instagram login

By Hường Hana 12:30 PM , , , , Leave a Comment

I'm trying to wrap my mind around something. I want to create a web service that accesses a database from an ios/ android app. Now I want the user to be able to log into the app through the Instagram API.

I'm a bit confused as in how they tie together. Obviously step one is to login with Instagram. What do I do then? I would like to save this user information I receive (let's say at least the username/ID) to the database with some other info that don't come from Instagram, like the location. All that in a secure way. can i use the instagram token for this? I'm a bit stuck on this process...

2 Answers

Answers 1

To do what you're looking for, the easiest way is to do a Rest WebService.

Using this WebService, both your iOS and Android apps will be able to connect and send/get data.

Your WebService should be responsible for managing all the data, saving or getting info from a Database. And can be also be responsible for user authentication.

To talk to your WebService, your app can use JSON. So you should learn how to send and parse JSON.

Good Luck!

Useful links:

Instagram's API

Instagram Integration in Android Application Tutorial

UPDATE

To correlate the instagram user with your database you can use the provided user id:

{     "access_token": "fb2e77d.47a0479900504cb3ab4a1f626d174d2d",     "user": {         "id": "1574083",         "username": "snoopdogg",         "full_name": "Snoop Dogg",         "profile_picture": "..."     } }

See: Instagram Authentication

Answers 2

After you complete the step 3 Instagram Autorization, which is pretty simple and i wont talk about it since you question is how to integrate Instagram data with you database, you should receive the following json:

{     "access_token": "fb2e77d.47a0479900504cb3ab4a1f626d174d2d",     "user": {         "id": "1574083",         "username": "snoopdogg",         "full_name": "Snoop Dogg",         "profile_picture": "..."     } }

What you do with the data is a matter of architeture:

1) You user may authorize through instagram or regular username/password

Create a user table that has both password field and instagram user_id:

Your user table might be like:

CREATE TABLE users (     id INT AUTO_INCREMENT NOT NULL ,     username VARCHAR(255) NOT NULL,     password VARCHAR(255) DEFAULT NULL,     instagram_userid INT DEFAULT NULL,     instagram_accesstoken VARCHAR(255) DEFAULT NULL,     PRIMARY KEY(id) );

Anytime a user authenticates through Instagram you should:

  1. Look for you uses table for a row with the same instagram_userid returned by instagram api.
  2. If the instagram_userid already exists, you should authenticate you user in YOUR application now (for example, using SESSIONS/COOKIES, i.e. the usual way you have done your whole life).
  3. If the instagram_userid doesnt exist, you should create a user row, with the username returned by Instagram API. Also authenticate this user with SESSION.

2)Instagram is your only user choice for authenticating

You should then just create a user table that is only a mirror for instagram api return. You can treat instagram_userid as your primary key:

CREATE TABLE users (     username VARCHAR(255) NOT NULL,     instagram_userid INT DEFAULT NULL,     instagram_accesstoken VARCHAR(255) DEFAULT NULL,     PRIMARY KEY(instagram_userid)  );
  1. Anytime a user authenticates throught Instagram API, you should search in you user table for a row with the same id as returned by Instagram API.
  2. If the row exists, authenticate that user in your application.
  3. If the row doesnt exist, create it and authenticate the user.

Account merging

If your application handles both username/passoword authentication and maybe others authentication providers , you should expect that a user might forget that he registered through you app with lets way Instagram Auth, and try to autenticate through username/password. If this happens, you might provide a way to merge the accounts, instead of duplicating it. For example, if the user Instagram email exists in your database as a username, you should update this row with instagram api data, instead of assuming its a new account. In this way, now your user can authenticate both with usuername/password and Instagram.

Access token

The instagram access token is stored, but now used. Why? Because it would be used for fetching instagram data, like user posts, friends list, etc. If you want to do it, you should not assume the token is valid, because it might expire, so you should handle token expiration and provide a way to the user authenticate again.

If You Enjoyed This, Take 5 Seconds To Share It

0 comments:

Post a Comment