How to implement authorization in Phonegap application?

L

Leonid2016-09-22 11:00:33

PHP

Leonid, 2016-09-22 11:00:33

It is necessary to implement authorization (login/password) to access the Personal Account section in the Phonegap application.
If I understand correctly, the COOKIE mechanism does not work in PhoneGap applications ? LocalStorage is often used in its place .
Therefore, I think to implement this approach:

First, the user will enter a login and password in the application form, I will check it on the server in PHP and, if the authentication is successful, I will create some variable in the $_SESSION array, indicating that the user with such and such an ID is successfully authorized.
In the application itself, I will create two variables in LocalStorage, one will contain the user ID, the second will be some secret_key
To save authorization, the next time I log in to the application and access the Personal Account section, I will send a request from the application once passing the user ID and secret_key from LocalStorage , check them in PHP on the server and if everything is correct in the $_SESSION array, again create the same variable , indicating authorization.

Does everything seem reasonable? How else can it be? Or what do I not know?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

L

Leonid, 2016-09-22
@easycode

I answer myself, which is not reasonable, of course:
1. PhoneGap applications do not support COOKIE
2. Without COOKIE support, the browser has nowhere to store the session_id, so binding to a PHP session will not work by default as I described.
It remains to think that with each AJAX request, for example, this same session_id must be passed