PHP to do app interface development, interface security

Source: Internet
Author: User

1, when the user login to the app, using the HTTPS protocol to invoke the background related interface, the server based on the user name and password to generate a access_key, and Access_key saved in the session (or saved in Redis), the resulting access_ Key and session_id are returned to the app side.

2, the app side will receive the Access_key and session_id saved up

3. When the app side calls the interface to transmit data, the transmitted data and the Access_key use the encryption algorithm to generate the signature signature, and send signature and session_id together to the server side.

4, the server to receive data, using session_id from the session to obtain the corresponding Access_key, Access_key and received data using the same encryption algorithm to generate corresponding signature, If the generated signature and the received signature are the same, the data is valid

PHP to do app interface development, interface security

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.