Develop a simple Android application that allows a user to authenticate to a remote web service (written in PHP),
Authentication on the server (including account creation, forgotten password and email verification) should entirely re-use the mechanism already implemented in Wordpress (hosted on the same site).
The PHP web service can access the mySQL database used by Wordpress.
Once the account is created using the Wordpress standard mechanism on the server, the Android client should store the username and password so that the user does not have to enter them every time she needs to use the web service.
Upon successful user authentication, a token should be generated that allows the user to recognized by the webservice; such token should be sent by the Android client by adding it to its HTTP requests. The PHP server recognizes the user by checking the token. The token should be valid for a specified amount of time (max 1 month), after which a new token should be generated.
This project includes two parts: the Android client and the PHP web service. It is assumed that Wordpress 3.5 is installed on the same site (Linux hosted).
The Android client should have:
1. an activity that prompts the user to enter a username a password (in case the account does not exists and should be created) NOTE: this should not be a WebView but rather a native form;
1b. the activity above should allow: new account creation, login, logout and lost password recovery
2. a progress dialog prompting the user that account creation (or authentication in case the user already has an account) is in progress
3. an authentication result notification (toast is sufficient), credentials/token stored in a secure way in the client
4. a second activity that uses the authentication token to send a dummy request to the PHP web service, so that the user is recognized
The PHP web service should include:
1. an authentication page that uses Wordpress for user account creation and maintenance (i.e. eventually the new account should also be able to access the Wordpress blog with the same username and password)
2. a dummy PHP page that receives the authentication token, checks its validity and is able to identify the user by searching the mySQL database