Is that possible the hack different user capabilities in app?

coderontheroad · December 13, 2015, 7:07pm

Hello, i am new here (:

I am planning to develop an app for students and teachers communication. But they will have different capabilities. For example teachers can create courses but students can’t create courses. Students only can attend to courses. Because of the application written in javascript can students hack the application through browser? Like we did for debugging with browser? Can be modify with someway?

I know i can get secure through backend api. But i just want to learn students can reach teachers ui or not?

gmarziou · December 13, 2015, 7:28pm

It’s easy to unzip the apk or ipa of an ionic app and be able to read the view templates, the only way is to secure the data access on backend.

coderontheroad · December 15, 2015, 11:25am

Thanks for answer. So, i have another question. Is that possible to secure access token for api connection? Or if user wants can unzip the apk and can see the access token or url variables for accessing api?

ebreo · December 15, 2015, 11:45am

you should have in your config client_id/client_secret and then you have to retrieve an access_token by a request