The token and androidtoken in the interaction between the Android client and the server

The token and androidtoken in the interaction between the Android client and the server
What is TokenToken?

Token is a string generated by the server. It is used as a Token for requests from the client. After the first login, the server generates a Token and returns the Token to the client, in the future, the client only needs to bring this Token to request data, and the user name and password are not required again.

Token introduction --

Token requests data frequently from the client to the server. The server frequently queries the user name and password from the database and compares them to determine whether the user name and password are correct or not. Then, a prompt is prompted, in this context, Token came into being.

Purpose of using Token --

The purpose of Token is to reduce the pressure on the server, reduce frequent database queries, and make the server more robust.

How to Use Token?

Two usage methods:

Use of sessions and tokens in git-osc:

Not long ago, I first came into contact with the Token when I learned to log on, but I was not quite clear about the situation at that time. Now I understand:

When a user logs on, the server returns a Session with a Token in the Session. After the Token is obtained, we need to save the token.
The user does not need to carry the user name and password when sending the request next time. This reduces the burden on the server by carrying the Token and parameters required for the request.

So far, I have understood several questions:

/*** User logon, save the private token ** @ param appContext * @ param username * @ param password * @ return GitlabUser User information * @ throws IOException */public static User login (AppContext appContext, String userEmail, string password) throws AppException {String urlString = URLs. LOGIN_HTTPS; Session session = getHttpRequestor (). init (appContext, HTTPRequestor. POST_METHOD, urlString ). with ("email", userEmail ). with ("pas Sword ", password). to (Session. class); // save your private token if (session! = Null & session. get_privateToken ()! = Null) {String token = polictoutils. encode (GITOSC_PRIVATE_TOKEN, session. get_privateToken (); appContext. setProperty (PRIVATE_TOKEN, token);} return session ;}

References

How to use tokens and sessions on the Android client and server

Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.