Java-具有会话的Google Cloud Endpoints自定义身份验证
[英]Java - Google Cloud Endpoints custom authentication with sessions
问题描述
I like Google Cloud Endpoints but I do not want to use the OAUTH2 authentication with Google Accounts. 
我喜欢Google Cloud Endpoints,但不想将OAUTH2身份验证用于Google帐户。
Instead, my idea is to create my own authentication. 相反,我的想法是创建自己的身份验证。 Upon successful login, I would like the client to receive a unique session key that it can then use for all authenticated future calls for a given period. 成功登录后,我希望客户端收到一个唯一的会话密钥,然后该密钥可用于给定期间内所有经过身份验证的将来的呼叫。
Is there some established way to do this with Google Cloud Endpoints? 是否有一些确定的方法可以使用Google Cloud Endpoints执行此操作? Or has someone achieved something similar themselves? 还是有人自己取得了类似的成就?
Thank you. 谢谢。
1 个解决方案
解决方案1
1 2015-12-28 20:08:23
In general what you need to: 通常,您需要:
1) on server side in login method generate session key, store it (indexed) with your custom User object to datastore and return from method; 1)在服务器端的登录方法中生成会话密钥,并将其与您的自定义User对象一起存储(索引)到数据存储中并从方法中返回;
2) on client side -- store this key as Cookie in browser with expiration time of your choice. 2)在客户端-将此密钥作为Cookie存储在您选择的到期时间的浏览器中。
3) send session key (take it from cookie) as custom header ( example ) 3)发送会话密钥(从cookie中获取)作为自定义标头( 示例 )
4) on server side in all methods (except login()) add your own Authentificator . 4)在服务器端的所有方法中(login()除外), 添加您自己的Authentificator 。 In authenticate method compare key from request to one you stored. 在验证方法中,将请求中的密钥与您存储的密钥进行比较。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.