I am developing a Restful Webservice using Eclipse and an android application. User logs in using its username and password on the android application which is checked against the database at the server side(using this web service).
Now, I want to maintain a session for which the user will remain logged in, that is, the user does not have to log in again and again whenever he re-opens the application.
How to do it? I searched on net but I could not find an accurate solution. Kindly help with the appropriate solution. Ask if more information is required.
use Shared Preferences to save session data .
there are good tutorials :
http://www.androidhive.info/2012/08/android-session-management-using-shared-preferences/
http://androidexample.com/Android_Session_Management_Using_SharedPreferences_-_Android_Example/index.php?view=article_discription&aid=127
This can be done in two ways. One is storing them in a global variables and second is storing the data in shared preferences. The problem with storing data in global variable is data will be lost once user closes the application, but storing the data in shared preferences will be persistent even though user closes the application. Here is the complete example:
http://www.androidhive.info/2012/08/android-session-management-using-shared-preferences/
Related
I have an app, it uses Rxjava and Retrofit to retrieve data from backend.
after login, I will get a JSON file which includes User information (name, email, id, stripeId....). I will need to use User information when retrieving data from backend in other activities. Since there are many times I need to use the User information, saving it in Database or SharePreference may spend a lot of time.
Is there any way that I can save the data in the memory when the App is alive (not killed in the background)? Thanks first.
You can extend Application Class which is initiated on application startup.
Check it here:
Extending Application to share variables globally
I'm new in android, I am developing web application by android studio.
When user open application, there is activity login. User need input ipaddress of server, username and password before access application.
What I want to know, Is it possible to save ippaddress and other data to something like SEASSON/Cookies Web in Android Studio? So user only need 1 time to input data, store it and ALL activity inside application will get that data everytime it needed.
Thankyou my friends.
If you want to keep the User's Login data locally, encrypt the values and store it in Shared Preferences or in SQLite Database.
I think storing it locally is the best option because it wouldn't require your app to make network calls every time user opens the app.
Here are my suggestions:
1. If you have a web service, encrypt and persist the values securely to your web service via a post
2. Encrypt and store the values in shared preferences
3. Encrypt and store the values in a sqlite data base on the device.
I Know If the User have to Store UserName and Password then we can create Class and store the UserName and Password in Class. At get the data using SharedPreferences for that class.But That class store the data upto we can not close the Application. If we close the Application then data will be destroyed.
My Question is :
I Want to Store Data in Application if the User close the application or Restart the Mobile device. But the data are Store in the Class. How to perform this task. I am new to android. Please Help me.
You are new to Android. So, you should go through this link. You got these many Storage options in Android: http://developer.android.com/guide/topics/data/data-storage.html
In your case, You can go with SharedPreferences. Your data will be stored in key-value pair. And also, it is persistent storage.
Which of the following ways is better to allow user to login once and avoid logging in again on next app launch?
1) Store just UserID and then just every time fetch data from server and load profile? (Problem: userID can be manipulated in SharedPreferences so user can easily hijack other users identity)
2) Store username and password in SharedPreferences then just auth user on every app launch and get users data from server? (Is this safe enough? )
3) On first login from device - store deviceID in online database and store userID in SharedPreferences, then on every app launch compare deviceID's and if matches = Fetch data and login automatically or if not matching = request login again?
Is there any better way perhaps? I would like to avoid using SQLite as for my app I have no need for database, my app is online MySQL database related and it's constantly communicating with it rather than having local database.
You could also send back a large meaningless id (such as a GUID) from the server on login. The server would store it in a list of valid login credentials. Store it on the phone also and send it back to the server for authentication. There would be no way to forge an id since it cannot be derived from any other information, and the chances of guessing one would be miniscule.
1) and 2) should never be done as it compromises on the security and any one with read/write privileges can easily view the sensitive information.
3) could work but not with the device id since that can also be manipulated on rooting. I would suggest you use the userid+password+deviceid to generate a hash and store that in your database. Consequently whenever you make any calls to your server use this hash to authenticate the user.
About fetching the data you need not do it every time. If the data is not very sensitive you can store it in your shared preferences and use it to reduce the network calls. You can use this to show the screen which opens on first time usage and consequently fetch additional data by making a network request. It would also not interfere with the user experience
I am trying to build a logging in system (stored in online database) for Android by email and facebook. Right now I coded the logging in for Android by email, but I am wondering how I should best code the part to remember if you are logged in or not the next time you open the app.
Is the best way to do this to simply keep track of this in a shared preferences file with a boolean? And should I store this just by username and then just get all the scored points of this user from the online database? Is it necessary to encrypt this data to my shared pref?
yes,shared preference is preferred way to do this.And why only store username,i mean store all the data in shared preference and then fetch it from there.there's no point in fetching it again and again everytime from server unless it is updatable.