Android app Authentication Mechanism for Prestashop

[v.samadi]

I'm going to develop an Android application for my Prestashop. Prestashop provides Webservice which uses a KEY to authenticate/authorize access to web-service. However I want to provide a system which every single user of Prestashop can put orders using his/her user/password pair.

So I want to know how can I check if user/pass entered in my Android app is valid in Prestashop and then provide right level of access to him or let him put orders on my shop. I don't know the right mechanism. Should I develop my custom module for user authentication or there are some built-in mechanism inside Prestashop for this?

[darknessgc]

Hi,

 

I'm interested in you subject.

 

I'm looking to do the same things too , it's seems not easy to be able to control resources rights using an authentification... I don't want, and I'm sure you too, any customer with the api key able to see every customer private informations.

 

If you find a way... let me know , i'll do the same.