Android with Django: How to keep user logged in

I want to know what the methods used by popular apps are.

Here are the approaches I have considered:

  • When user logs in, save username & password in shared preferences and re-use it every time (I think this will suck)
  • Login on the client (app) side with Facebook SDK, pass the authentication token to the app and use that to create a user. Pass a token to the app, store this token on the phone and use it in future communications. I think it would make sense to re-create this token periodically, but how to do so without asking the user to login again?
  • Create a login view. This will mean passing username and password to the API and then go with the user token.

I don't think you should store user credentials in preferences.

The most common approach is to send credentials to server and then as a response get a session key. Then include the session key as a header to any request (and validate it in every request).

If the session key would become invalid (e.g. expired) then the server should return a proper response, and the client should initialize authentication functionality.

Example

First run

  1. Show login Activity
  2. Send credentials to server
  3. Get a session_key as a response (normally it's a hash)
  4. Store the session_key hash
  5. User is authenticated, exit the login Activity

Any request to the server.

  1. Add a header with session_key to your request (e.g. as a header)
  2. Send the request
  3. If the response is OK, stop; else (e.g. response with message "not authorized" or status code 401) run First run

First run

  • Show login Activity
  • Send credentials to server
  • Get a session_key
  • User is authenticated, exit the login Activity
  • You get the access tokens and login details to be stored in Shared Preferences

For other requests.

  • Add a header with session_key to your request (e.g. as a header)
  • Send the request
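
The session-key flow from the answers above, as an added example that is not part of the original posts: a framework-independent Python sketch of the server issuing and validating a session key and the client re-running the login step on 401. The header name `X-Session-Key`, the one-hour lifetime, the class names and the demo account are assumptions; keeping only a SHA-256 digest of the key on the server is a choice made here.

```python
import hashlib
import hmac
import secrets
import time

SESSION_TTL = 3600  # seconds; assumed lifetime, the page does not give one
USERS = {"alice": "correct horse"}  # constructed demo account; real code verifies a password hash

def _digest(key):
    return hashlib.sha256(key.encode()).hexdigest()

class SessionStore:
    """Server side (hypothetical class): issues session keys and validates them per request."""
    def __init__(self, now=time.time):
        self._now = now
        self._sessions = {}  # sha256(session_key) -> (username, expiry); raw keys are never stored

    def login(self, username, password):
        expected = USERS.get(username)
        if expected is None or not hmac.compare_digest(expected.encode(), password.encode()):
            return None
        key = secrets.token_urlsafe(32)  # random and unguessable, not derived from the password
        self._sessions[_digest(key)] = (username, self._now() + SESSION_TTL)
        return key

    def handle_request(self, headers):
        """Validate the key on every request; 401 tells the client to log in again."""
        digest = _digest(headers.get("X-Session-Key", ""))
        username, expiry = self._sessions.get(digest, (None, 0))
        if username is None or self._now() >= expiry:
            self._sessions.pop(digest, None)  # forget expired keys
            return 401, "not authorized"
        return 200, f"hello {username}"

class Client:
    """Client side (hypothetical class): keeps only the session key, never the password."""
    def __init__(self, server, ask_credentials):
        self.server, self.ask_credentials = server, ask_credentials
        self.session_key = None  # on Android this would sit in app-private storage

    def request(self):
        for _ in range(2):  # at most one re-login per request
            if self.session_key is None:  # "First run": prompt and exchange credentials for a key
                self.session_key = self.server.login(*self.ask_credentials())
            status, body = self.server.handle_request({"X-Session-Key": self.session_key or ""})
            if status != 401:
                return status, body
            self.session_key = None  # key rejected or expired: run the login step again
        return status, body
```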
