4

I've set up a standard Ionic Framework (with ionic start myapp tabs), and I've got a Laravel PHP backend on the other side (which has the database and so on).

Now what I want is to ask the database of my backend from my mobile-app (it'll be a native app, compiled by PhoneGap). There's problems with CORS to be solved, it seems, and I've read a lot of approaches on how to do it, but none really worked.

What is a good way to authenticate (token-based) to my external backend server, and then, once authenticated ask the server API for various things? Does anyone additionally have a good tutorial and/or working example?

Improve this question
1

3 Answers 3

Reset to default
2

This is the tutorial may help you how to use token system with angular and node js.Coming to data base you can use mysql.When using token based authentication header should have a valid token on every end point to server.you can your feasible token generators also lik oauth2.

http://code.tutsplus.com/tutorials/token-based-authentication-with-angularjs-nodejs--cms-22543

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

1

To solve CORS problem add this php code to the head of your php api

if (isset($_SERVER['HTTP_ORIGIN'])) {
    header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Max-Age: 166400'); 
}
Improve this answer

Comments

0

I don't know whether this response can do something good right now. But to be precise, CORS can be avoid by following below steps.

First create a separate php file in your server and named it as "api.php" (or whatever you prefer) and include this.

   <?php
       if (isset($_SERVER['HTTP_ORIGIN'])) {
           header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
           header('Access-Control-Allow-Credentials: true');
           header('Access-Control-Max-Age: 86400');    // cache for 1 day
       }

       // Access-Control headers are received during OPTIONS requests
       if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

           if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
                header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

           if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
                header("Access-Control-Allow-Headers:        {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

           exit(0);
       }
   ?>

Then in you other php files which send responses to the client use

   include_once './api.php'; // or the name use above

That will do the trick.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.