Lessons from developing a Client Server Iphone app

Lessons from developing anIphone App + Server backend
Sujee Maniyam
s@sujee.net
http://sujee.net
http://DiscountsForMe.net
Aug 2009

Target Audience
Iphone app developers
Server backend developers for mobile apps
Expert level: Beginner - Intermediate

My Background
Developer (enterprise, web)
Java / Php / Ruby
First iphone/mobile app

App: DiscountsForMe
Shows member benefits
Based on location
V1.0 in app store
Memberships:
Public radio (KQED)
Bank of America card
AAA, AARP
More…

Architecture
Server (DiscountsForMe.net) serves data
Server is Rails app
Iphone app talks to the server
<Insert usual SERVER ---- INTERNET CLOUD ---- IPHONEpicture here>

Agenda
Connectivity
Data format
Secure Data trasnfer
UDIDs & Keys
Controlling app from server

Connectivity : Simple Start
App makes three server calls
ping()
get_memberships()
get_discounts(my_location, my_memberships)
Simulator
Iphone over Wi-fi
Iphone over 3G
LAG-TIME is a problem

Connectivity : Minimize Lag Time
Noticeable lag time over 3G/Edge
Reducing lag time
Condense network calls (especially if the user is waiting for data)
Download in background
So
Get_memberships()
Get_discounts(my_location, my_memberships)
get_memberships_and_discounts(loc, mymems)

Iphone Connectivity
BIG LESSON 1 :
Test on IPHONE (not just simulator)
Test with WiFi OFF! (3G can be slow to connect, EDGE even worse)
You may need to reorganize the logic to improve response time (I had to)
LESSON 2
Test in AirPlane Mode (all RADIOS off)(a frequent reason network apps are rejected )

Connectivity Test
Quick Ping
Which is faster?
httpS://www.DiscountsForMe.net/ping
http://www.google.com
SSL always takes longer to establish connection
Use faster sites
Another snippet from Erica Sadun’s book(to be verified)

Talking to Server : Format
Two choices : XML, JSON
JSON smaller size than XML (50% less)
Json : use TouchJSON library http://code.google.com/p/touchcode/wiki/TouchJSON
XML : NSXML(sdk) / TouchXML / KissXMLhttp://www.71squared.co.uk/2009/05/processing-xml-on-the-iphone/

Agenda
Connectivity
Data format
Secure Data transfer
UDIDs, Keys, analytics

Secure Data Transfer
Plain HTTP is fine most of the time
If you want to secure data
Symmetric key encryption (shared ‘seckr3t’ key on Iphone app and server)
Public-private key encryption (e.g. SSH) : private key on server, public key on iphone
httpS

Secure data transfer : httpS
SSL is ‘good enough’ for most of us
Get a proper SSL certificate ($30). Self-signed certs don’t work by default
Beware connection time is a little longer for httpS
Verify your ssl certificate is installed properlyhttp://www.digicert.com/help/

Verify SSL Cert…

Talking to Server : POST req
NSMutableURLRequest *request = [NSMutableURLRequestrequestWithURL:url];
[request setHTTPMethod:@"POST"];
NSMutableString *postString = [NSMutableString string];
[postStringappendFormat:@"%@=%@&", key, value];
NSString *postString2 = [postString stringByAddingPercentEscapesUsingEncoding:NSUTF8StringEncoding];
[request setHTTPBody:[postString2 dataUsingEncoding:NSUTF8StringEncoding]];
NSURLResponse *response = nil;
NSError *error = nil;
NSData *data = [NSURLConnectionsendSynchronousRequest:requestreturningResponse:&responseerror:&error];

Talking to Server : Local Server
#ifdef DEBUG// dev
#define MEMBER_SERVER @”http://localhost:3000”
#else// production
#define MEMBER_SERVER @”https://discountsforme.net”
#endif
- And define ‘DEBUG’ in build configurations

Talking to Server : Dedicated Class
Don’t do URL connections all over the code. Have a class do it
Easy to debug
Use named methods (getDiscounts Vs connectToURL)
@interface ServerConnection : NSObject {
}
+ (BOOL) testConnectivity;
+ (BOOL) isConnected;
+ (NSArray *) getMemberships;
+ (NSArray *) getDiscounts:(NSDictionary *) params;
@end

Agenda
Connectivity
Data format
Secure Data transfer
UDIDs, Keys, multiple versions, analytics

What do I send to the server?
get_memberships()
No parameters?...
Think about including
UDID (device id)
And a Key (compiled within the app)
http://discountsforme.net/iphone/get_memberships
http://discountsforme.net/iphone/get_memberships?udid=xxxx&key=yyyy

Server Side : Unique Device ID
Each mobile device has a uniq ID, etched in hardware (just like MAC address)
Your app can send UDID with each request
Of course : encrypt it or via SSL
Very useful for metrics on app usage
How many unique devices have the app
Access patterns (repeat uses)
Easy account creation (no signup)

Server side : access keys
Start using ‘access keys’ from day-1
Sample key = “iphone_v1.0_xklajdfoi2” (human readable + hard to guess)
Each request to server must have a valid key
Easy to control client access
Prevent scraping, DOS ..etc
Monitoring (what versions are being used)
Support multiple versions, easy upgrade

Supporting multiple versions
May be supporting 2-3 client versions at a time (users don’t always run the latest)
Keep old ‘API’ around, build-out new API if (is_v2_or_later(key)) { do something } else {do some thing else}
This can get convoluted (see next page…)

Supporting multiple clients…

Supporting Multiple Clients…
Have different controllers handle different client versions#define SERVER @”https://foo.com/iphone1”#define SERVER @”https://foo.com/iphone2”
Make sure to avoid code duplication
Plan-B : End-of-life
If ( ! is_supported_version(key)){send_msg(“please upgrade”);}

Server side : keeping it secure
Make sure ‘secret stuff’ doesn’t get logged in log-files
In Rails : class Mobile::MobileController < ApplicationControllerfilter_parameter_logging [:key, :uid]
end
Output:
Processing IphoneController#get_memberships_and_discounts (for 166.137.132.167 at 2009-07-02 16:07:41) [POST]
Session ID: 126e5a73742f92f85c1158ea63fd960a
Parameters: {"loc"=>"39.282440,-76.765693", "action"=>"get_memberships_and_discounts", "uid"=>”[FILTERED]", "controller"=>"mobile/iphone", "dist"=>"25", "mems"=>"", "key"=>"[FILTERED]"}

Server side : Metrics : Logs
Log every thing to database, don’t rely on logfiles
This gives you pretty good metrics on your app usage
On Rails, use around_filteraround_filter :log_access, :only => [:get_discounts, :get_memberships]
Thirdparty metrics : FLURRY, PinchMedia…

Server side : logging in Rails
def log_access
start_time = Time.now
yield
end_time = Time.now
elapsed = ((end_time - start_time)*1000.0).to_int
begin # b/c we don’t want to error during logging
alog = MemberAccessLog.new
alog.client_type_id = client_type_id
alog.session = session.session_id
….
alog.save!
rescue
end
End

Logging & Scalability
If all your requests are READ-ONLY (from db) it is very easy to scale
Load balancer can route requests to any server
Database can be replicated easily
Write-bound apps are little tricky to scale

Agenda
Connectivity
Data format
Secure Data transfer
UDIDs, Keys, analytics
Controlling app from server

Controlling app behavior from Server

Control …
Apps changes are not easy to ‘get out’
Approval process takes time
Users may not upgrade to latest version
Server changes are under your control and easy to deploy
So build in control-switches in the app, that can be directed from server

Control…
One example: Choosing if you are going to show ads?
show_ads : {none | admob | tapjoy}

Hosting
Shared hosting is fine, but others might swamp your DB, CPU ..etc
If you can, get a VPS (Virtual Private Server)
Plans start from $20 / month (SliceHost, Hosting-Rails ..etc)
You have full ROOT access to the server (install packages, run CRON jobs ..etc)
EC2 is great (for testing, scaling)

Thanks!
Sujee Maniyam
s@sujee.net
http://sujee.net
http://DiscountsForMe.net
Questions?

http://sujee.net	886
http://www.slideshare.net	99
http://www.sujee.net	32
http://iphoner.org.ua	32
http://www.linkedin.com	9
http://www.iphoner.org.ua	1
http://static.slidesharecdn.com	1
http://translate.googleusercontent.com	1
http://sujee.local	1
https://twitter.com	1

Lessons from developing a Client Server Iphone app

by sujee

Accessibility

Categories

Upload Details

Usage Rights

10 Embeds 1,063

Statistics

Lessons from developing a Client Server Iphone app Presentation Transcript