OAUTH and iOS app best practices: leave user logged in?
Question
I am working on my own app that uses instagram; but I think that this question is generalizable:
If my app determines that there is no auth token and requires the user to login; what should be done by the app in the way of cleanup after its done?
does it : leave the user "logged in" and let it be the responsibility of the user to invalidate the token ? or: should the app basically leave things at the same base state as it found it? Going along with this reasoning; then it would require the app to keep track of weather it logged the user in or were they already logged in " valid authorization token" before the app was run ?
thanks
1 answers
solution1
0 2017-10-09 14:36:06
You need to implement a renew mechanism for your token.
Basically check that the token is still valid, otherwise delete it and unlog the user.
To unlog, simple, just delete the token (and user related datas).
If your app requires for the user to be logged in then you can just check if there is a token before displaying the related view.
Your user is unaware of the token (and everything related to it) and that needs to stay this way, period. If the token needs to be invalidated at some point, your app needs to handle it.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.