Android WebView and login info : how to preserve?

StackOverflow https://stackoverflow.com/questions/23668500

  •  23-07-2023
  •  | 
  •  

Question

I've got an Android app. When a user logs in, the username will be preserved in sharedpreferences. However, I'm not quite sure what to do with a webView in it. Specifically, I created a html file to display some personal info, but I'm not sure how to preserve the log-in state for the webview so that the website knows which specific user is querying.

Please help me out!

Was it helpful?

Solution

Use token based authentication.

  1. You authenticate via your API with your credentials
  2. If successful, you get a token (guid or some other random string) that you pass in from there on out. It's safe to store because it expires after inactivity.
  3. If your token becomes stale, you ask them to re-auth

Keep in mind the web service is going to have to hold a relation from the token to the user in the back end, and will have to be supported by you.

There are more elaborate schemes, as this is a primitive methodology, albeit an answer to your question.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top