Handling login session in iOS & server
When comes to server & client side integration, there are many
ways to handle the login session. Some people might keep the
login user ID or token in
NSUserDefaults, some are to keep
the login session cookie. There is no right or wrong.
I’m here to share about session cookie way.
Let say once user successfully login, the server will then keep
the login user into session.
What about in client side?
- Keep those key as constants. By default, PHP session cookie name is
PHPSESSID, if you’re using other framework, the key might be changed.
- Once user logon, the session cookie will be kept at client-side, without the cookie, the server will not know that the user is currently logged in. Thus sync it when first enter the app.
- Upon successful login, keep the session data to
NSUserDefaults, we can then check whether the session is exists before call any server API.
- Once logged out, remember to remove the session.
- Sync the session cookie kept in
NSUserDefaultsinto cookie storage.