What are some best-practices for web-based iOS applications? - ios

I have recently started playing around with iOS development and have got most of the basics down. I would however like to know about some best practices and what you guys think is the best in coding practice and application architecture.
What I have in mind is a simple application that gets information from a web server, displays the data to the user, and allows the user to edit the data which must then be updated on the web server.
What I would like to know is:
1) What type of web server / architecture is best suited for something like this? For example, data passing / updating similar to something like the facebook or twitter etc. applications where data is retrieved, potentially updated, and sent back for updating.
2) What type of authentication / security can be built into an application like this? I was thinking something in the line of username / password being stored on the server. Obviously the data should be secure when being transfered.
3) Are there any "free" web servers out there to play around with. I'm not building anything enterprise size, just need somewhere to play. Would the Google App Engine be suitable for something like this? What I have thought up to now is that you would probably need to implement a web service or something. Is this correct? Or are there better ways?
4) Are there any good tutorials around? I have started looking at the ones in the apple.com developer center, but I would like to get other people's point of views too.
I realise these are not really programming questions, but I would appreciate any insight that some more experienced iOS developers have. I would like to get the best practices down by incorporating the above into an app.
Thanks!

This doesn't sound like you need an iOS app, more like just a browser based app that works on the iPhone. If you need features like the GPS, Camera, Gyroscope, taking offline things that are native to the phone, then yes build it on iOS.
But if it's a simple web application that performs the operations you mentioned, then you can look at building a mobile web application. The nice thing is that it will work across iPhone, Droid, WiMo 7, really anything that can host a browser.
1) You can pick almost anything you're comfortable with. I program in both ASP.NET and Python for web apps. Personally, I'm building a web app on Django with Python. It's cheap (free) and there are lots of resources for learning as well as an active community.
2) Security is a rather large topic, there are many things beyond authentication and authorization, like cross-site scripting, sql injection, etc that need to be taken into consideration. Django has some things that help with this. But at the simplest you can secure your site with SSL encryption when performing authentication. You should also consider OpenID as an alternative for authentication, like how StackOverflow gives you the option.
3) I do all my "play" on my macbook pro or pc at home. You can do all of this for free on your own machine, and when you're ready to deploy pick a host, like Amazon or something like Media Temple.

Related

Build entire iOS app as a website?

This might be a silly question, but wondering if I was able to build an iOS app completely in a UIWebview. Essentially not have one thing be native to iOS.
You can actually. There are several ways to use HTML5, CSS3, and Javascript to make mobile apps like iOS. You can use frameworks/programs like Cordova/PhoneGap. These frameworks/programs can let you use web languages and then compile it into an executable for the device. Something that can be submitted to the AppStore. Whether or not Apple accepts it thats another story. ;)
The other thing you can do is you want it to completely run off the web is you can essentially build a web app on a server like any other web app. However, you can put in CSS3 media queries and Javascript that can detect the size of the screen. Users can use their built in web browsers to access your site. If the screen isn't the right size, then you can redirect the user like if they try to access it with a laptop. With this method you can use server side scripting languages like PHP to do your computation processing. However, connection is required to the server and if a whole lot of people log in to your server, then the server can get bog down.
If you are interested in using web base languages for mobile applications, I highly suggest looking into PhoneGap/Cordova.

How to create a server accessible by an iphone app

I a thinking of creating an iPhone/iOS app that would include a feature where one user could create a list of words and then save them to their account on a server. Also (and this is very important), the user could share their list with other users by giving them permission.
So my question is, how can I go about creating such a server? For right now, I have a home computer (running Windows XP that just stores data for my music system) which I can use to host the server. I am also open to the use of other online storage services like Google Drive or Dropbox (I can't remember if Amazon does anything like that). However (and I know this may complicate things a bit), but at least for now, I want/need to stick with free services/options.
Just to recap, the key features that I am looking for are:
create users/accounts (on the server)
eventually I may [try] to incorporate the use of other services to log users in like with their email account, OpenId, etc.
the ability to access (log in to) the server (with credentials) from my app
the ability to send/receive data between the server and my app
the ability to share data between users
I know this is a lot to ask for, but if anyone has any suggestions or can get me going in the right direction, it would be much appreciated.
The basic setup would be as follows:
Backend: Database (MySQL), Web server (Apache), with server side scripting (PHP).
Client: iOS device with developed app.
Communication: use HTTP client/server model, communicating with something like JSON.
This is much the same setup as a web server, but instead of serving html/css/javascript etc the results will be JSON.
As far as implementing specifics such as login in, and sharing data between users, this is purely dependent on your implementation. This is not trivial, and not something that can be easily stated in a single post.
Hope this helps.
You could build your own webservice in PHP, Ruby or Python. If you do so I would recommend building a RESTful webservice (http://en.wikipedia.org/wiki/Representational_state_transfer) and then use RestKit (http://restkit.org/) to handle the data in the iOS app. Especially RestKit's CoreData integration is nice in my opinion.
Another solution would be using a service like Parse (https://parse.com/products/data). The first million or so requests per month are free but after that it could get pricy. I personally have not tried it so I couldn't tell you if it is any good.

Creating a unique-per-user passcode that cannot be employed by other users

I'm developing an iPhone game, and thanks to some backers, I got the funding for finishing it.
I wanted to give rewards to those backers with a "passcode"; they will simply enter the passcode and get rewards in the game.
Of course, any one of them would be able to distribute that passcode to the public...and that's a problem.
What is the best way to achieve something like this? Some kind of one-use password?
My first idea was to connect to a remote MySQL server from my game and check that password if it has been used before etc. But I was told that I shouldn't do that directly, that I need some kind of intermediate platform for it. So for the sake of simplicity, what are your ideas?
You could build some web services yourself to interact with your app. Alternatively you could choose a service that claims to do this for you - e.g parse.com. Have a look at the 'user management' section of the homepage of that site. I don't know how stable Parse is but it does look promising for what you want to do, if you don't want to spend a lot of time. There must be some alternatives out there as well.
Not certain but i dont think there is an MySQL driver handy for this architecture, so writing directly to a server on port 3306 is out of the question (as well as being a huge security risk for your server). I would probably write some simple rest API (in PHP), server side, and do a REST call to the server from the iOS app, a simple request-response over http(s). The response could probably be an xml file (aka a plist) that you could store in the Documents directory - your cue moving forward that the device has a privileged access to your goodies. The server would interface the MySQL to 'consume' the passphrase. PHP can be setup to be relatively safe (from SQL injections, and other 'bad' things).
These two tutorials by Ray Wenderlich demonstrate almost exactly what you want to do. Set up a MySQL database with a Php interface.
Part one:
http://www.raywenderlich.com/2941/how-to-write-a-simple-phpmysql-web-service-for-an-ios-app
Part two:
http://www.raywenderlich.com/2965/how-to-write-an-ios-app-that-uses-a-web-service

iOS How to allow users to register an account / How to make a database of users

I am in the planning stages of building an App for iphone / ipad (yes, very early stages)
I am basically wondering how much work is involved in having a seperate user registration process for an app i.e. letting users register an account and use login using that account and use the app.
Will this involve constructing / coding an entirely new database or is there software available that automates this process?
thanks in advance
You could have a look at a service like StackMob.
This allows you to utilise server based services with no server-side implementation on your part.
These guys here: parse.com are doing a great job to facilitate developers the setup of a cloud database to do many tasks that are common in iOS apps.
In particular there is a section dedicated to user management (sign-up and sessions) that is well described here: Parse iOS guide
Finally the service offers some user interface help also, look here even if probably it is better to give to the UI some personalization by coding your own UI.
There are some implementations, but if your app is going to have custom code executed by server, you'd better make your own code.
Use a server side language (php, perl, ruby, python, java) to do the registration.
You'll probably need a REST service and/or json if you are going for easy peasy stuff (if you are to web apps programming). Otherwise, you'll need to do xml parsing and other stuffs. Use asi-http for the interactions between server and the app, or if you are using ios5.x it has already a json parsing implementation.

How can I retrieve updated records in real-time? (push notifications?)

I'm trying to create a ruby on rails ecommerce application, where potential customers will be able to place an order and the store owner will be able to receive the order in real-time.
The finalized order will be recorded into the database (at the moment SQLite), and the storeowner will have a browser window open, where the new orders will appear just after the order is finalized.
(Application info: I'm using the HOBO rails framework, and planning to host the app in Heroku)
I'm now considering the best technology to implement this, as the application is expected to have a lot of users sending in a lot of orders:
1) Each browser window refreshes the page every X minutes, polling the server continuously for new records (new orders). Of course, this puts a heavy load on the server.
2) As above, but poll the server with some kind of AJAX framework.
3) Use some kind of server push technology, like 'comet' asynchronous messaging. Found Juggernaut, only problem is that it is using Flash and custom ports, and this could be a problem as my app should be accessible behind corporate firewalls and NAT.
4) I'm also checking node.js framework, seems to be efficient for this kind of asynchronous messaging, though it is not supported in Heroku.
Which is the most efficient way to implement this kind of functionality? Is there perhaps another method that I have not thought of?
Thank you for your time and help!
Node.js would probably be a nice fit - it's fast, loves realtime and has great comet support. Only downside is that you are introducing another technology into your solution. It's pretty fun to program in tho and a lot of the libraries have been inspired by rails and sinatra.
I know heroku has been running a node.js beta for a while and people were using it as part of the recent nodeknockout competition. See this blog post. If that's not an option, you could definitely host it elsewhere. If you host it at heroku, you might be able to proxy requests. Otherwise, you could happily run it off a sub domain so you can share cookies.
Also checkout socket.io. It does a great job of choosing the best way to do comet based on the browser's capabilities.
To share data between node and rails, you could share cookies and then store the session data in your database where both applications can get to it. A more involved architecture might involve using Redis to publish messages between them. Or you might be able to get away with passing everything you need in the http requests.
In HTTP, requests can only come from the client. Thus the best options are what you already mentioned (polling and HTTP streaming).
Polling is the easier to implement option; it will use quite a bit of bandwidth though. That's why you should keep the requests and responses as small as possible, so you should definitely use XHR (Ajax) for this.
Your other option is HTTP streaming (Comet); it will require more work on the set up, but you might find it worth the effort. You can give Realtime on Rails a shot. For more information and tips on how to reduce bandwidth usage, see:
http://ajaxpatterns.org/Periodic_Refresh
http://ajaxpatterns.org/HTTP_Streaming
Actually, if you have your storeowner run Chrome (other browsers will follow soon), you can use WebSockets (just for the storeowner's notification though), which allows you to have a constant connection open, and you can send data to the browser without the browser requesting anything.
There are a few websocket libraries for node.js, but i believe you can do it easily yourself using just a regular tcp connection.

Resources