Sorry for the rather ambiguous title but I’m developing a Sencha Touch mobile app and have built a REST-based WCF web service to supply the data and need to find out the best way to handle user logins and keeping their session alive throughout the app.
Now because I’m needing to use JSONP for connecting with the web service this limits the options for authentication and session handling. I could just save the user’s credentials in local storage in the app and pass them with every call the service but this can’t be the best solution. Some have mentioned passing the credentials to a login method on the web service and passing back a sessionid which is then sent with each further call. However I’m not sure how to create the session in the first place using WCF and how to keep it alive using the sessionid passed in.
Can anyone recommend a technique for achieving this?
jsonp is a great trick to get data from a foreign service. But since you are the owner of the webservice, you could add an Access-Control-Allow-Origin: * header to the http response and switch to ajax mode. Then, you can use the standard authentication procedure.