55

As the title implies, I am using AFNetworking in an iOS project in which the application talks to a server. When the user signs in, the server responds by sending back a success flag and the response headers contain the session ID.

I am wondering if AFNetworking automatically sends the session ID with every subsequent request or should I take care of this myself in some way?

For your information, I have no control over the back-end in terms of how requests are authenticated. I am only building a client that talks to the server.

4

2 回答 2

116

Yes, your session ID should be sent automatically once you are logged in, as long as the cookie does not expire before the next request is sent (important detail to be sure of). NSURLConnection, which AFNetworking uses, takes care of the details for this for you.

On the backend AFNetworking is using NSURLConnection which in turn automatically updates NSHTTPCookieStorage to store the session. You can manipulate or delete the cookies as you see fit by messing with the cookie storage.

Like if you wanted to appear to the service as not logged in, you could just delete the session cookie associated to that domain. Some services I have worked with will error if you are already logged in and attempt to login again. Additionally there was no way to check login status. Quick fix, get the cookies from URL and delete them :

NSArray *cookies = [[NSHTTPCookieStorage sharedHTTPCookieStorage] cookiesForURL: networkServerAddress];
for (NSHTTPCookie *cookie in cookies) 
{
    [[NSHTTPCookieStorage sharedHTTPCookieStorage] deleteCookie:cookie];
}

From the developer himself

于 2012-06-14T19:10:02.663 回答
4

This depends on the specification given by the service you are interacting with. I have worked with similar services and they have explicitly stated in their documentation that, In order to maintain the session valid I must poll the service at every few seconds by sending int "1".

However, If possible could please post the service name or any reference which we can read. If it is any company's private API then they must have described the use of the session id which they are returning.


Underlying technologies will take care of it, However if you want to persist those cookies then this answer for other question.

Persisting Cookies In An iOS Application?

于 2012-06-14T14:27:49.007 回答