| title | description | services | documentationcenter | author | manager | editor | ms.assetid | ms.service | ms.workload | ms.tgt_pltfrm | ms.devlang | ms.topic | ms.date | ms.author |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Add authentication on Apache Cordova with Mobile Apps | Microsoft Docs |
Learn how to use Mobile Apps in Azure App Service to authenticate users of your Apache Cordova app through a variety of identity providers, including Google, Facebook, Twitter, and Microsoft. |
app-service\mobile |
javascript |
conceptdev |
crdun |
10dd6dc9-ddf5-423d-8205-00ad74929f0d |
app-service-mobile |
na |
mobile-html |
javascript |
article |
10/30/2016 |
crdun |
[!INCLUDE app-service-mobile-selector-get-started-users]
In this tutorial, you add authentication to the todolist quickstart project on Apache Cordova using a supported identity provider. This tutorial is based on the Get started with Mobile Apps tutorial, which you must complete first.
[!INCLUDE app-service-mobile-register-authentication]
Watch a video showing similar steps
[!INCLUDE app-service-mobile-restrict-permissions-dotnet-backend]
Now, you can verify that anonymous access to your backend has been disabled. In Visual Studio:
- Open the project that you created when you completed the tutorial Get started with Mobile Apps.
- Run your application in the Google Android Emulator.
- Verify that an Unexpected Connection Failure is shown after the app starts.
Next, update the app to authenticate users before requesting resources from the Mobile App backend.
-
Open your project in Visual Studio, then open the
www/index.htmlfile for editing. -
Locate the
Content-Security-Policymeta tag in the head section. Add the OAuth host to the list of allowed sources.Provider SDK Provider Name OAuth Host Azure Active Directory aad https://login.microsoftonline.com Facebook facebook https://www.facebook.com Google google https://accounts.google.com Microsoft microsoftaccount https://login.live.com Twitter twitter https://api.twitter.com An example Content-Security-Policy (implemented for Azure Active Directory) is as follows:
<meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://login.microsoftonline.com https://yourapp.azurewebsites.net; style-src 'self'">Replace
https://login.microsoftonline.comwith the OAuth host from the preceding table. For more information about the content-security-policy meta tag, see the Content-Security-Policy documentation.Some authentication providers do not require Content-Security-Policy changes when used on appropriate mobile devices. For example, no Content-Security-Policy changes are required when using Google authentication on an Android device.
-
Open the
www/js/index.jsfile for editing, locate theonDeviceReady()method, and under the client creation code add the following code:// Login to the service client.login('SDK_Provider_Name') .then(function () { // BEGINNING OF ORIGINAL CODE // Create a table reference todoItemTable = client.getTable('todoitem'); // Refresh the todoItems refreshDisplay(); // Wire up the UI Event Handler for the Add Item $('#add-item').submit(addItemHandler); $('#refresh').on('click', refreshDisplay); // END OF ORIGINAL CODE }, handleError);This code replaces the existing code that creates the table reference and refreshes the UI.
The login() method starts authentication with the provider. The login() method is an async function that returns a JavaScript Promise. The rest of the initialization is placed inside the promise response so that it is not executed until the login() method completes.
-
In the code that you just added, replace
SDK_Provider_Namewith the name of your login provider. For example, for Azure Active Directory, useclient.login('aad'). -
Run your project. When the project has finished initializing, your application shows the OAuth login page for the chosen authentication provider.
- Learn more About Authentication with Azure App Service.
- Continue the tutorial by adding Push Notifications to your Apache Cordova app.
Learn how to use the SDKs.