I'm currently looking at creating a mobile application which integrates with a Magento store and have managed to get many aspects of it working using the SOAP API such as retrieving products and categories.
I am now looking to solve an issue where I need the user of the mobile app to login in with their Magento customer login details, however looking through the SOAP API there is no method for an actual customer to login?
Does anyone have any idea of how I can perform this task.
Thanks
Actually its quite easy to authenticate a customer in your case. The customer info SOAP response gives us the password_hash of the user registered in Magento. This hash is an md5 hash which can authenticated using the password which the user will enter along with his email in your system. I have a sample code below hope this helps anyone looking for this answer.
$complexFilter = array(
'complex_filter' => array(
array(
'key' => 'email',
'value' => array('key' => 'eq', 'value' => '[email protected]')
)
)
);
$result = $proxy->customerCustomerList($sessionId, $complexFilter);
var_dump($result);
/**
* Validate hash against hashing method (with or without salt)
*
* @param string $password
* @param string $hash
* @return bool
*/
function validateHash($password, $hash)
{
$hashArr = explode(':', $hash);
switch (count($hashArr)) {
case 1:
return md5($password) === $hash;
case 2:
return md5($hashArr[1] . $password) === $hashArr[0];
}
}
var_dump(validateHash('asdfgh',$result[0]->password_hash));