NetTalk Central

NetTalk Web Server => Web Server - Ask For Help => Topic started by: kboller on April 29, 2016, 08:01:14 AM

Title: Web Login via QR code?
Post by: kboller on April 29, 2016, 08:01:14 AM

   I'm trying to find a way to make logins easier for users with mobile devices.  Is it possible to embed a http post command in a QR code so embedded user/password information could be read and sent to the app server as a way to authenticate/login as opposed to manually entering a user name/password?  If you feel this is a bad idea feel free to tell me why.   :)

Thanks,

Kurt

Title: Re: Web Login via QR code?
Post by: Sibuya on April 29, 2016, 12:38:09 PM

Hi Kurt,

I don't know if it works in mobile but you can encode TAB and ENTER commands inside QR Code to try to "emulate" typing. So your application remains the same.

Cheers,

Marcos

Title: Re: Web Login via QR code?
Post by: Matthew51 on April 29, 2016, 02:40:15 PM

I don't know much about QR codes, but from what I know this would be one of the best solutions:

You embed a login token in the QR code's url, ie: https://www.KurtSite.com/QRLogin?LoginToken=[Big number]

You can read in this number using p_web.GetValue('LoginToken')

You would need a LoginToken as a column in your login table, with a unique key so you can look up who is logging in and handle your login login as normal.

This method protects the user name and password.  Though anyone with a QR reader could learn the login token.  Any method chosen would have this problem.

Matthew

Title: Re: Web Login via QR code?
Post by: kboller on April 29, 2016, 05:49:06 PM

Thanks for the ideas.  Matthew's sounds good.  I'm thinking of having the user have an id card with a login QR code they can scan to "login".  Then they can continue to access the database with record specific QR codes. I was hoping to be able to send a HTTP post via a QR scan to protect the data but if that's not possible then Matthew's idea might be second best.

Thanks,

Kurt