我有一個PHP API服務,我第一次登錄,使用AJAX之前發送和setRequestHeader和我保存在localStorage的我的用戶名和密碼:科爾多瓦安全認證在阿賈克斯
function Login(username, password) {
alert(username);
alert(password);
$.ajax({
url: 'APILink',
type: 'post',
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", "Basic " + btoa(username + ":" + password));
},
success: function (data) {
alert("data" + DecryptData(data.pationts_pationtid));
alert("data" + DecryptData(data.pationts_nationalid));
alert("data" + DecryptData(data.pationts_pationtfirstname));
alert("data" + DecryptData(data.pationts_pationtlastname));
alert("data" + DecryptData(data.pationts_password));
alert("data" + DecryptData(data.pationts_password));
sessionStorage.setItem("username", username);
sessionStorage.setItem("password", password);
$.mobile.navigate("index.html");
},
error: function (xhr, ajaxOptions, thrownError) {
alert("error" + xhr.responseText);
alert("errrrrrr" + thrownError);
}
});
}
和下一次在我的AJAX技術,我從會話存儲用戶名和密碼:
var username = sessionStorage.getItem("username");
var password = sessionStorage.getItem("password");
$.ajax({
url: 'http://localhost:17225/notification/index',
type: 'post',
beforeSend: function (xhr) {
xhr.setRequestHeader("Authorization", "Basic " + btoa(username + ":" + password));
},
success: function (data) {
alert("data" + data);
},
data: {
deviceId: sessionStorage.getItem("deviceId"),
platform: device.platform,
//Orders : orders
drugname: value.drugname,
instruction: value.instruction,
time: value.time,
dose: value.dose
},
error: function (xhr, ajaxOptions, thrownError) {
alert("er" + xhr.responseText);
alert("er" + thrownError);
}
});
但現在我聽說在localStorage的保存密碼並不安全,我想使用OAuth安全認證。但我不知道如何在ajax網址中使用oAuth。可以請幫助我做到這一點?
謝謝
您可以使用本地存儲插件保存令牌在android共享PR推理https://github.com/TheCocoaProject/cordova-plugin-nativestorage – Akis
@Akis:這個插件是否安全保存密碼? –
@Akis:我在科爾多瓦聽說過oAuth。可以使用這個還是不是? –