[英]authenticate the user on Android but process on remote server?
I'm suppose to develop a new option for our Android app that allows new users to sign in with their Google account. 我想为我们的Android应用程序开发一个新选项,允许新用户使用其Google帐户登录。 We need to retrieve basic user info (First name, Last name, Date of birth, Email, Country etc.) and store them on server.
我们需要检索基本的用户信息(名字,姓氏,出生日期,电子邮件,国家/地区等)并将其存储在服务器上。 It should happen only the first time user logs in to the app so the next time all the button is doing is simple authentication to access the member's area.
只有在用户首次登录该应用程序时才会发生这种情况,因此下一次所有按钮所做的只是简单的身份验证以访问该成员的区域。
Currently, our app prompt for permission using oauth2
and AccountManager
and can retrieve the user info through oauth2 api . 目前,我们的应用程序使用
oauth2
和AccountManager
提示输入权限,并且可以通过oauth2 api检索用户信息。 I would like to do the same thing on our server instead. 我想在我们的服务器上做同样的事情。
So to sum it up here is the flow I'm thinking about: 因此,在这里总结一下是我正在考虑的流程:
We still need a local copy of user info on his android device though so he can view his own profile. 尽管我们仍然需要在他的android设备上提供用户信息的本地副本,以便他可以查看自己的个人资料。
Note: The reason I'm thinking of doing the data import process on our server is to speed up the app and save some bandwidth. 注意:我正在考虑在服务器上执行数据导入过程的原因是为了加速应用程序并节省一些带宽。 but I also feel that user might want to modify his data before they get saved to the server.
但我也觉得用户可能希望先修改自己的数据,然后再将其保存到服务器。
I'm really confused and the oauth2 documentation doesn't help much. 我真的很困惑,oauth2文档没有太大帮助。
I don´t understand the problem. 我不明白这个问题。 Sorry.
抱歉。
Just retrieve information about the customer from the OAuth api, send the information through HTTP/HTTPS post request to the server, save it there. 只需从OAuth api检索有关客户的信息,然后通过HTTP / HTTPS发布请求将信息发送到服务器,然后将其保存在服务器上即可。 Then save the same information in the SQLite database in phone and after first time when the app launches just check the user table in SQLite for if the customer exists.
然后将相同的信息保存在手机的SQLite数据库中,并且在第一次启动应用程序后,只需检查SQLite中的用户表是否存在客户。
Here is an awesome example: http://www.androidhive.info/2012/01/android-login-and-registration-with-php-mysql-and-sqlite/ 这是一个很棒的示例: http : //www.androidhive.info/2012/01/android-login-and-registration-with-php-mysql-and-sqlite/
In order to do this, you need to follow the documentation for Cross-Platform single sign-on and Cross-client Auth from Google. 为此,您需要遵循Google的跨平台单点登录和跨客户端身份验证的文档。 In essence, your flow should be:
本质上,您的流程应为:
Also, I suggest you use a persistent cookie store for your requests (I prefer loop4j's Android Async-HttpClient ). 另外,我建议您对请求使用持久性Cookie存储(我更喜欢loop4j的Android Async-HttpClient )。 This will allow you to save the session easily, so you do not have to authenticate too often.
这将使您轻松保存会话,因此您不必过于频繁地进行身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.