so I'm using Play! framework for a website project.
I'm using session to determine if the user has logged in:
session("connected", user.getId().toString());
then, I can identify who's the user when I want to easily.
I got two questions:
It's simple and secure, as session scope's cookies are signed with a secret key. If there is no need for storing large amount of data for each session it should be OK.
Take a look for existing solutions (ie. zentasks sample).
Edit :
On the other hand you can consider using Play Authenticate, I've added session handling to sample in my fork (branch 2.0.4_session) in samples/java/play-authenticate-usage , it's just 3 commits, so it's quite easy to merge it to the existing play-authenticate-usage
implementation.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.