Authentication with custom authenticator via Azure Mobile Services and cordova app

1
votes

I am building a phone app using Cordova/Phonegap and an Azure Mobile Services backend. I need to use a custom authenticator since this is integrating with a current software product.

I built the server side using info from http://azure.microsoft.com/en-us/documentation/articles/mobile-services-dotnet-backend-get-started-custom-authentication/

I set config.SetIsHosted(true); in WebApiConfig

From the client, I seem to be authenticating fine and getting back a valid token, but I'm not sure what to do with it. I've tried setting client.currentUser, but my api calls are coming back as unauthorized.

Here's some code:

client = new WindowsAzure.MobileServiceClient("http://`localhost`:50523");      
login = function () {
    client.invokeApi("CustomLogin", {
    method: "post",
    body: { "username": "user1", "password": "pass1" }
    })
    .done(function (result) {
        var login = JSON.parse(result.response);
        client.currentUser = login.user;
        client.currentUser.mobileServiceAuthenticationToken = login.authenticationToken;

        //lets try now that i'm valid
        getMembers();

        app.navigate("views/home.html");
    }, function(error) {
        alert(error);
        });

};

    getMembers = function () {
        client.invokeApi("Member", {
            method: "get",
            body: {}
            })
        .done(
        function(result) {
            alert(result.result[0].lName);
            },
        function(error) {
            alert(error);
            });

    };

Is there more I need to do with the authentication token to make this work? Thanks!

EDIT: Some more info --

Using Fiddler to monitor the traffic, I see that the call to /api/member has a few headers set:

X-ZUMO-AUTH: set to the token I got back earlier
X-ZUMO-FEATURES: AJ
X-ZUMO-INSTALLATION-ID: a guid
X-ZUMO-VERSION: ZUMO/1.2(...)
1
authenticationazure-mobile-services
Azure Mobile Services doesn't support custom identity providers. Just Microsoft, Facebook, Twitter, Google and Active Directory. What authentication are you trying to use?Bret Bentzinger
A custom identity provider... as discussed in the link I put at the top of my entry.Wavel
What happens if you just invoke the API After logging in? Don't set any user. I think the client stores this for aaccess when invoking API's. So you shouldn't have to do anything unless you want to cache the user token. In which case you could do what is suggested here: azure.microsoft.com/en-us/documentation/articles/…Bret Bentzinger

1 Answers

0
votes

OK. Looked at this in detail. First, the sample is only creating users in the local Azure mobile service DB. I am assuming you are creating a user on the actual Mobile Service in Azure. You can see the line of code I commented out below that can add it if you want to test. But here is code that should do what you want. Sorry it is C#, but should translate easy enough. Note "UserToDo" is the string my CustomLoginProvider.ProviderName returns.

protected override async void OnNavigatedTo(NavigationEventArgs e)
{
    LoginInfo dude = new LoginInfo() { username = "user", password = "P-Dub" };

    //  await App.MobileService.InvokeApiAsync<LoginInfo, LoginResult>("CustomRegistration", dude);

    //  Call Custom API To Log iN
    var result = await App.MobileService.InvokeApiAsync<LoginInfo,LoginResult>("CustomLogin", dude);

    // Create the user credentials.
    PasswordCredential credential = new PasswordCredential("UserToDo",
        result.user.userId, result.authenticationToken);

    MobileServiceUser user = new MobileServiceUser(credential.UserName);
    credential.RetrievePassword();
    user.MobileServiceAuthenticationToken = credential.Password;

    // Set the user from the stored credentials.
    App.MobileService.CurrentUser = user;


    await RefreshTodoItems();  // This accesses the mobile service.
}


public class LoginInfo
{
    public String username { get; set; }
    public String password { get; set; }
}


public class LoginResult
{
    public User user { get; set; }
    public string authenticationToken { get; set; }
}

public class User
{
    public string userId { get; set; }
}