2

I have an iOS App which currently pulls in all the data from the MongoDB using a Node.js server. Currently my API / my node server handles all the data manipulation the iOS app/Swift only displays the data within the app. My server carries out all the functions on the data being returned from MongoDb.

I have a Joomla website where all my users are registered and have their own username and password.

My app has a login screen, where there are username and password fields. I want that the user enter their Joomla login details (i.e username and password). And only and only if they are registered on my Joomla site they will be allowed access to my App and view the data being pulled in from MongoDB.

Currently my entire app is running JavaScript, NO PHP!

Is there a way that I can authenticate users from my iOS App?

Zanon
  • 329
  • 2
  • 3
  • 16
Lorenzo von Matterhorn
  • 357
  • 3
  • 15
  • why didn't you ask at Stack Overflow? http://meta.stackexchange.com/a/129632/165773 – gnat Aug 12 '15 at 14:01
  • 1
    @gnat because in my experience if you don't show them what you have done so far or show any kind of code they mark the question down. I can't show any code because I have literally no idea how to do it. – Lorenzo von Matterhorn Aug 12 '15 at 14:02
  • So why can't your Swift code Post the login name/pw to your Joomla site & get a response back? – Dan Pichelman Aug 12 '15 at 14:18
  • @DanPichelman Thank you for the reply. You are correct I can use swift to authenticate the user. But thing is I don't how to do it in both swift or javascript. As joomla is a completely different system with a completely different structure. – Lorenzo von Matterhorn Aug 12 '15 at 14:22
  • From the end user's point of view, Joomla is (I think, I'm not a Joomla expert) just another web application with a login screen. You should be able to pretend to be a user and just log into the site as if you were a web browser. – Dan Pichelman Aug 12 '15 at 14:24
  • What exactly is the problem? Can't you check the credentials against the joomla database in node? – GrandmasterB Aug 12 '15 at 16:40
  • @GrandmasterB The problem is that I don't know how to check the joomla database in node. I have never done anything like this before. I looking for someone to point me in the right direction. – Lorenzo von Matterhorn Aug 13 '15 at 06:55
  • @user2190986 a Joomla database is typically just a normal MySQL database (though I believe it could be others as well). So it seems what you really should look for is how to access SQL databases from node - for which there are plenty of resources online. You'd connect to the database and query the joomla users table to do the authentication. – GrandmasterB Aug 13 '15 at 07:22

1 Answers1

1

Make sure your hashed Joomla password is in your Mongo Db; from your Joomla app you need a call to do that job. In php a curl job can do that job.

Joomla uses bcrypt to hash its passwords so you need a node package for that. There's several and I only succeeded with bcryptjs ;

Now you need to make the authentication mechanism in your Node app that checks against the db. This is Mongoose talking to Mongo. I'll show the snippet where bcrypt makes the comparison. 

function authenticate(req, res, next)
{
var body = req.body;

User.find({username: body.username}, function (err, theuser)
{
    if (theuser.length == 1)
    {
        bcrypt.compare(body.password, theuser[0].password, function (err, ismatch)
        {
            if(ismatch)
            {
                user = {joomlaid:theuser[0].joomlaid,username:theuser[0].username, name:theuser[0].name, useremail:theuser[0].useremail};
                console.log('found user: ' + JSON.stringify(user));
                next();
            }
            else
            {
                console.log("user found but no matching passwords" + ismatch);
                res.status(401).end('Password incorrect');
            }
        })
    }
    else
    {
        console.log('no user found... ' + JSON.stringify(user));
        res.status(401).end('Username or password incorrect');
    }
});

In the struggle to make this I made use of an online bcrypt (de)coder

Jan Doggen
  • 1,140
  • 4
  • 16
  • 22
Albert
  • 11
  • 3