A demo of a better authentication flow for tvOS apps using iOS
For more background, read the blog post
In your terminal:
- Go into the iOS directory:
cd iOS/TriplePlay
- Install Cocoapods:
pod install
- Open project in Xcode:
open TriplePlay.xcworkspace
The build and run the app from Xcode.
In your terminal:
- Go into the iOS directory:
cd tvOS/Timehop
- Install Cocoapods:
pod install
- Open project in Xcode:
open Timehop.xcworkspace
The build and run the app from Xcode.
In practice, you wouldn't actually want to pass the authentication token. In this example, anyone listening for the _timehop_auth._tcp.
would be able to grab the (potentially sensitive) data you're passing to the tvOS app.
Some alternate flows could be:
- Flip the roles. Have the tvOS provide the service and send over a single use token. The iOS app could then take that token and pass it to the backend service. The tvOS app could poll the backend service to see if anyone has authenticated using that one time token.
- Dynamically create the service name. The service type is hard coded in this example, but you could display a randomly generated token in the tvOS app and enter it on the iOS app. You could then be listening / publishing to a service of type
_timehop_auth_RaNd0mt0ken._tcp.
MIT. See LICENSE