I am trying to build an iOS app with rails backend. I have chosen devise as the user authentication and session management system.

Currently I have modified the original Devise RegistrationsController and SessionsController so that they return JSON response. The sample create method in SessionsController is as follows:

def create
    build_resource
if resource.save
  if resource.active_for_authentication?
    sign_up(resource_name, resource)
    respond_to do |format|
      format.json { render :json => ["success", resource, User.serialize_into_cookie(resource)]}
    end
  else
    expire_session_data_after_sign_in!
    respond_to do |format|
      format.json { render :json => ["inactive", resource]}
    end
  end
else
  clean_up_passwords resource
  respond_to do |format|
    format.json { render :json => ["error", resource]}
  end
end
end

What I am wondering is what the best way to persist login through iOS app is.

Most of the devise tutorials are just for web applications and I am not sure how I should apply these to my iOS app.

The framework i am using is 'AFNetworking', and the class I am using for networking is 'AFHTTPClient' and 'AFJSONRequestOperation'. But I don't know how to retrieve and store session on the client side so that I can use it for later.

1. Maybe I should use a different framework for networking that uses proper headers and things to retrieve session and cookie? something like ASIHTTPClient?

2. Or should I use token_authenticatable feature in devise to persist login?