-
Notifications
You must be signed in to change notification settings - Fork 2
Authenticating a user
The Community iOS SDK supports browsing through Khoros Communities irrespective of being a logged-in or an anonymous guest. However, to participate in the community activities like posting a question or blog article, replying to a post, or giving kudos to a post, a user must be a signed-in, registered community member.
The SDK supports Lithium Registration and LithiumSSO authentication options. After a user authenticates through one of these options and receives the corresponding access keys, the SDK makes calls to the Community REST APIs on behalf of the logged-in user using those keys.
An anonymous user will receive a 401 error (Unauthorized) if the user attempts to perform an action that he or she does not have permission to do. We show an example of how to check for a 401 error and how to start the login flow when attempting to perform an unauthorized action in our Tutorial guide.
As we've described in Getting Started, the authentication flow is launched explicitly in your code. You may include it in your initialization code, or trigger the flow at some point after you have initialized the SDK, such as when the user attempts to perform an action like replying to a message or giving a kudo. See Initializing the SDK for the initialization instructions.
This guide includes:
The Community iOS SDK supports the following user authentication options:
- Lithium Registration
- LithiumSSO token authentication
- Custom SSO - Custom SSO integrations require a Lithium Services engagement
Lithium Registration is the most basic authentication method. It is configured in Community Admin. A community user creates an account by providing an email, username, and password. Lithium stores all account information. Password management actions such as Forgot Password or Password Reset are done through the platform.
A username, email, and password are required when creating an account, although Lithium Services might have added additional, required registration fields requested by your Community team during launch.
LithiumSSO uses a token created using the Community API LithiumSSOClient class. (See LithiumSSO token authentication for sample token-generation code.) After creating the token, store the token as a String in a variable.
In addition to our SSO developer documentation mentioned above, also see our Administrator's guide and our article about configuration options in Community Admin, located in the Documentation Knowledge Base.
The SDK launches the Lithium Registration login flow with LiLoginViewController where the user enters a username and password. When using SSO, authentication occurs in the background. We do not allow customization to the Lithium Registration UI at this time.
- Initiate the authentication/login flow by implementing the
LiAuthorizationDelegateprotocol from the view controller where you initialize login. - Set the view controller as the delegate for
LiSDKManager.shared().liAuthManager.liLoginDelegate. - Initialize login using
initLoginFlow:- For Lithium Registration, initialize login using
LiSDKManager.shared().liAuthManager.initLoginFlow(from: self, withSSOToken: nil). - For LithiumSSO or a custom SSO integration, initialize login using
LiSDKManager.shared().liAuthManager.initLoginFlow(from: self, withSSOToken:your sso token).
- For Lithium Registration, initialize login using
- Call
function login(status: Bool, errorMessage: String?)to determine successful login and return an appropriate error messages if unsuccessful.
This example initiates the Lithium Registration login flow when the user taps a Login button. Upon successful login, the app instantiates the LiHomeViewController, the landing page if using the Support UI.
import UIKit
import LiCoreSDK
import LiSDKUIComponents // Required only if using the Support UI package
class ViewController: UIViewController, LiAuthorizationDelegate {
// When the user taps the Login button, begin the login flow
@IBAction func onLogin(_ sender: UIButton) {
// Set the view controller as the delegate for LiSDKManager.sharedInstance.liLoginDelegate
LiSDKManager.shared().liAuthManager.liLoginDelegate = self
// Initiate the login flow
LiSDKManager.shared().liAuthManager.initLoginFlow(from: self, withSSOToken: nil, deviceToken: deviceToken, notificationProvider: NotificationProviders.apns)
}
func login(status: Bool, userId: String?, error: Error?) {
// A status of true indicates successful login.
// userId: is the id of the user logged in. This can be used to get user activity and user profile.
// Direct the user to the desired view controller (LiHomeViewController if using the Support UI).
if status {
let vc = LiHomeViewController.makeHomeViewController(isSSOLogin: false, ssoToken: nil, deviceToken: deviceToken, notificationProvider: NotificationProviders.apns)
self.navigationController?.pushViewController(vc, animated: true)
} else if let error = error {
// Handle error
}
}
}
When using a push notification provider, you must pass the device token ID used to register that device for notification using one of the following methods on LiAuthManager. Note that you will call the initLoginFlow methods from LiSDKManager.
The call will look like one of the following. The first uses Lithium Registration. The second uses LithiumSSO:
LiSDKManager.shared().liAuthManager.initLoginFlow(from: UIViewController, deviceToken: String?, notificationProvider: NotificationProviders?)
LiSDKManager.shared().liAuthManager.initLoginFlow(from: UIViewController, withSSOToken: String?, deviceToken: String?, notificationProvider: NotificationProviders?)
Use LiSDKManager.shared().liAuthManager.isUserLoggedIn() to check the login status of a user.
if LiSDKManager.shared().liAuthManager.isUserLoggedIn() {
// do something
} else {
// do something else
}
Use LiSDKManager.shared().liAuthManager.logoutUser() to logout a logged in user.
LiSDKManager.shared().liAuthManager.logoutUser() { (error: Error?) in
if error == nil {
// logout successful
} else {
// handle error
}
}