C
C
Cyril2017-02-10 00:13:50
Mobile development
Cyril, 2017-02-10 00:13:50

How are mobile applications authorized?

The situation is as follows. There is a backend implemented in YII2. I have a NodeJS application. And there is a mobile application (Android, iOS).
When the mobile application successfully logs in, the backend creates a session in the database and issues a token to the mobile application.
Once the login is successful, mob. The application connects to the NodeJS application by passing the token in the header. The NodeJS application, in turn, looks for the session in the database. If it exists, then between mob. a connection is established between the application and the NodeJS application. Chat is organized through this connection.
Now questions.
1. I don't know much about iOS device and Android apps. Do they store cookies, like browsers do, for example? After all, when the mob. the application will log in, a session with a unique key will be generated in the database. Can I pass this key to the mobile application as a cookie?
2. Is the presented authorization scheme for mobile applications correct? Mob. when the application logs in, it accesses the REST API of the YII application.

Answer the question

In order to leave comments, you need to log in

2 answer(s)
X
xmoonlight, 2017-02-10
@xmoonlight

https://sitecoder.blogspot.ru/2016/09/rest-api.html

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question