In web development, we generally use cookies or sessions to keep track of the user's login status: the server checks the cookie or session data to verify that the user may access pages that require login. This works through the browser, which is the B/S (browser/server) architecture. But what if the client is a mobile application? That is the C/S (client/server) architecture, where you cannot use cookies or sessions to verify the user's state, just as if the browser had disabled cookies.
Fortunately, there is a workaround. When cookies are disabled, you can pass the session_id in the query string: after the app sends the login request, the server returns the session_id to the app, and the app saves the session_id on the mobile device. For operations that require login, every request carries a session_id parameter to the server side, and the server checks the validity of the session_id to determine whether the user is logged in.
Here is a simple example of mobile development. It does not use native code; the app is built with AppCan:
1. App login request:
    var url = 'http://127.0.0.1:8080/index.php?act=login&email=aa@qq.com&pwd=123456';
    $.getJSON(url, function (res) {
        if (res.ok == 'yes') {
            // Keep the session_id returned by the server on the device
            var storage = window.localStorage;
            if (storage) storage.setItem('sid', res.session_id);
        } else {
            uexWindow.toast(0, 5, 'Login failed!', 4000);
            return;
        }
    }, 'json', null, 'POST', '', '');
2. App request for user information:
    var sid = '';
    var storage = window.localStorage;
    if (storage) sid = storage.getItem('sid');
    // Send the stored session_id back with every request that needs a login
    var url = 'http://127.0.0.1:8080/index.php?act=uinfo&session_id=' + encodeURIComponent(sid);
    $.getJSON(url, function (res) {
        if (res.ok == 'yes') {
            var uname = res.username;
            uexWindow.toast(0, 5, 'username: ' + uname, 4000);
            return;
        } else {
            uexWindow.toast(0, 5, 'Please login first!', 4000);
            return;
        }
    }, 'json', null, 'POST', '', '');
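3. Server-side PHP that answers the requests [index.php]:
    <?php
    /**
     * User: wudiweb.com
     * Simple example of an app talking to the server side
     */
    header('Content-Type: application/json; charset=utf-8');
    $act = $_REQUEST['act'] ?? '';
    // A client that sends no cookie gets a brand-new session on every request,
    // so for uinfo resume the session named by the session_id parameter
    // before calling session_start().
    if ($act === 'uinfo' && isset($_REQUEST['session_id'])
            && preg_match('/^[A-Za-z0-9,-]+$/', $_REQUEST['session_id'])) {
        session_id($_REQUEST['session_id']);
    }
    session_start();
    $result = array('ok' => 'yes');
    if ($act === 'login') {
        $email = $_REQUEST['email'] ?? '';
        $pwd = $_REQUEST['pwd'] ?? '';
        if ($email === 'aa@qq.com' && $pwd === '123456') {
            session_regenerate_id(true);          // fresh id for the logged-in session
            $_SESSION['username'] = 'wudiweb';    // mark this session as logged in
            $result['session_id'] = session_id();
        } else {
            $result['ok'] = 'no';
        }
    } elseif ($act === 'uinfo') {
        // The session_id is valid only if it names a session marked at login
        if (isset($_SESSION['username'])) {
            $result['username'] = $_SESSION['username'];
        } else {
            $result['ok'] = 'no';
        }
    }
    echo json_encode($result);
    exit;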
Note that this is just a simple usage. If you think it is not complete enough, you can extend it on this basis, for example by encrypting the session_id.
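One way to extend the example along the lines of the note above, as an added example that is not part of the original article: instead of handing the raw session_id to the app, the server issues a token that binds the session_id to an expiry time with an HMAC, and rejects tokens that are altered or expired. This signs the value rather than encrypting it. The names APP_TOKEN_KEY, APP_TOKEN_TTL, issue_token() and verify_token(), the token layout and the sample session_id are assumptions made for this example.

```php
<?php
// Added example, not from the original article. APP_TOKEN_KEY, issue_token()
// and verify_token() are hypothetical names; the key below is a placeholder.
const APP_TOKEN_KEY = 'replace-with-random-bytes-kept-out-of-source-control';
const APP_TOKEN_TTL = 3600; // token lifetime in seconds (assumed value)

// URL-safe base64 without padding, so the token survives transport unchanged.
function b64url_encode(string $raw): string {
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}
function b64url_decode(string $txt) {
    return base64_decode(strtr($txt, '-_', '+/'), true);
}

// Build "payload.signature", where payload encodes "session_id|expiry".
function issue_token(string $sessionId, int $now): string {
    $payload = b64url_encode($sessionId . '|' . ($now + APP_TOKEN_TTL));
    $mac = hash_hmac('sha256', $payload, APP_TOKEN_KEY, true);
    return $payload . '.' . b64url_encode($mac);
}

// Return the session_id if the token is authentic and unexpired, else null.
function verify_token(string $token, int $now): ?string {
    $parts = explode('.', $token);
    if (count($parts) !== 2) {
        return null;
    }
    [$payload, $sig] = $parts;
    $expected = b64url_encode(hash_hmac('sha256', $payload, APP_TOKEN_KEY, true));
    if (!hash_equals($expected, $sig)) {   // constant-time comparison
        return null;
    }
    $decoded = b64url_decode($payload);
    if ($decoded === false || substr_count($decoded, '|') !== 1) {
        return null;
    }
    [$sessionId, $expiry] = explode('|', $decoded);
    if (!ctype_digit($expiry) || (int)$expiry < $now) {
        return null;
    }
    return $sessionId;
}

// Constructed sample run; the session_id value is made up for illustration.
$now = time();
$token = issue_token('q1w2e3r4t5y6u7i8o9p0aa', $now);
var_dump(verify_token($token, $now));                      // untouched token
var_dump(verify_token($token . 'x', $now));                // signature altered
var_dump(verify_token($token, $now + APP_TOKEN_TTL + 1));  // checked after expiry
```

In index.php, the login branch would return issue_token(session_id(), time()) instead of the raw id, and the uinfo branch would accept only a session_id that verify_token() returns. Sending the token in a request header over HTTPS rather than in the query string keeps it out of server and proxy logs.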