1

I'm building an Android cloud app that authenticates a user on a PHP/MySql server. I would like to use sessions as to not need to ask the user to authenticate himself every time he communicates with the server. However, sessions don't last forever, and it won't take long before the user has to authenticate himself again. Is there a way to make the sessions last forever, except when the user wants to log out?

If not, I find it would be just easier to keep the user credentials in memory on the app, and then send them each time the user communicates with the server.

Any ideas? Any other solutions?

4

1 回答 1

1

You can store an access token every time the user registers. When a user logs in using app, this token will be returned as authentication token .to the app. With every request which is made to the server, this token is sent. On server side, you just need to verify whether token is present in the request and if yes, whether it is valid which is determined by checking if it is present in the database.

于 2013-01-12T03:53:06.653 回答