app Login - remain logged && Login

When we use the App, App once after logging in if you do not take the initiative to Log or clear the data, App will stay logged in for a long period of time, or allow users to log in once and then never feel every time enter a user password to log in. Banking, finance related to the payment of the class App logged generally do not support this long maintained. To maintain long-term technical implementation of the log, in addition to front-end technology and related also to the communication connection service provided by way of background the front and back and so on. For example, front-end App is a native front-end technology plus H5 realized that the chosen technology and pure native may not the same. And if the back-end using the sso (single sign-on) and back-end technology would use the webservice, Socket is not the same, the specific implementation sometimes need to be considered. Login summed up the general hold function has the following ways:

First, the use of mechanisms to achieve Cookie

We know that in order to solve cookie is a technology http stateless, it is widely used electricity supplier, oa and other web applications. If our App http communication and back-end communication using, you can use cookie technology to maintain login state. For example, we can put sessionID and validity remain in the cookie and sends it to the front end App, App After receiving the tip saved locally. When accessing the back-end services and the sessionID valid certification as an argument to the background. Until sessionID failure, users do not need to log in again.

Second, the user name and password

If the App and back-end communication is not done through http protocol, that cookie mechanism may be less suitable. With a user name and password remain logged refers to the first time user login is successful, the saved user name and password for the local, the next time the user logs on using the save when you open App user name and password automatically in the background. This approach requires safety considerations user name and password, prevent information from being cracked.

Three, token way

token authentication app manner on more common when App initial login, account and password data submitted to the server, the server generates a token string according to a policy defined, token string may contain user information, device ID, etc. information in order to ensure the uniqueness of the user. Server and the token set a certain period of time. Server token generated string to the client, the client token stored string, string band and the next request. App relative safety of local token higher.

App to Stay signed in addition to Realize also need to consider server-side data persistence issue, the client copy protection issues, intercepted crack problems, must be considered in use.

 

After the first login, the user will save the information down, the second time to determine whether the user login information, if there is a direct permission to display all of the data, if not logged in, permission is part of the data displayed.

Request written in action, triggering reducer, reducer change the store and update the status of the view.

 

1) directly to the login interface, return.

　　Interface login call in action, the value of the dispatch reducer returned to save, use directly in the page

When assigned to correspond to the