Tokens for app interfaces

Source: Internet
Author: User
1. First, what an interface is: an interface is simply a server-side endpoint that acts as a data bridge, returning data to other programs or to clients.

2. What an interface does: it returns fixed data for fixed parameters. For example, if the client sends a=1 the server returns the name of a; if the client sends a=2 the server returns the gender of a, and nothing else.

3. What a signature does: it protects the interface and its data against tampering, so the server can tell a genuine request from a forged or modified one.

4. What a token does: it plays the role that the session plays for PC login, acting as the user's unique ticket of entry.

For example, between an app and a server, or between different programs such as one written in Java and one in PHP, data is usually transmitted as JSON.

Therefore, to keep transmission between the mobile client and the server reasonably secure, interface traffic must be encrypted in transit (in practice, over HTTPS/TLS).

1. Purpose of the token design:
The app side has no session mechanism like the one on the PC side, so the server cannot tell on its own whether the user is logged in. A mechanism that stands in for the session is needed, and that is the token's role: the token is the user's unique login ticket. As long as the token the app sends matches the one the server holds, the user is proven to be logged in (just as at the cinema you buy a ticket and the ticket gets you in).

2. Types of token design:
(1) Third-party login type: the token here is an access_token designed along the lines of OAuth 2.0. Its characteristic is that it is refreshed on a schedule (for example every two hours). The reason is that when the data source grants login permission to a third-party server, it must limit the validity period and the scope of that grant; otherwise the third-party server could keep fetching arbitrary user data from the data source indefinitely, without the user's consent.

(2) App login type: this is the ordinary application token. Because no third party is involved and the user fetches data directly from the data source server, the design is less constrained: the main requirement is that each token be unique. Uniqueness alone is not sufficient in practice, though: the token must also be unguessable, so it should be generated from a cryptographically secure random source rather than from timestamps or counters, and the server should store only a hash of it.

3. Implementation steps for the app's own login token:
(1) Add a token field and a time_out field (the token's expiration time) to the user table in the database.
(2) When the user logs in (registration should also log the user in automatically), generate a token and an expiration time and write them into the table.
(3) Before any other interface is served, check whether the token is valid: if it is, continue; if not, the user is asked to log in again.

4. Implementation code for the app's own login token (this is the company's own framework and logic; it shows the main flow and should not be copied directly):

(1) The following code runs at user login and writes the token into the database:

    $logininfo['token'] = Appuser::settoken();
    $time_out = strtotime("+7 days");
    Db::setbypk('u_adver', array('token1' => $logininfo['token'], 'time_out' => $time_out), $logininfo['id']);

(2) Method that generates the token:

    public static function settoken() {
        // Generate a string that does not repeat (uniqid/microtime are time-based, not a CSPRNG)
        $str = md5(uniqid(md5(microtime(true)), true));
        // Hash it once more (sha1 is a hash, not encryption)
        $str = sha1($str);
        return $str;
    }

(3) Token verification code that every interface must call; the check itself is implemented in (4):

    $args['token'] = $_POST['token'];
    $tokencheck = Appuser::checktokens($args['token'], 'u_adver');
    if ($tokencheck != 90001) {
        $res['msg_code'] = $tokencheck;
        v_json($res);   // v_json is the framework's JSON responder: send the error code back to the client
    }

(4) Token authentication method. Db:: is the database operation class. If the token has not been used for seven days the user must log in again (that is, a user who does not operate the app for 7 days has to re-login); every successful interface call refreshes the expiration time.

    public static function checktokens($token, $table) {
        $res = Db::getoneforfields($table, 'time_out', 'token1 = ?', array($token));
        if (!empty($res)) {
            if (time() - $res['time_out'] > 0) {
                return 90003;   // token has been unused for too long and has expired; re-login needed
            }
            $new_time_out = time() + 604800;   // 604800 seconds is seven days
            if (Db::setwhere($table, array('time_out' => $new_time_out), 'token1 = ?', array($token))) {
                return 90001;   // token verified and time_out refreshed; the interface may return its data
            }
        }
        return 90002;   // token error, validation failed
    }
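The same token-table design, written as an added example in Python rather than as code from the original post or the company's framework. It keeps the page's three result codes (90001/90002/90003) and its seven-day sliding expiry, but replaces md5(uniqid(...)) with the OS CSPRNG and stores only a SHA-256 hash of the token, so a leaked table dump does not hand out working tickets. The table name u_adver, the column names token_hash and time_out, and the in-memory SQLite database standing in for the Db:: class are all assumptions made for the example; the sample user row is constructed.

```python
import hashlib
import secrets
import sqlite3
import time

SEVEN_DAYS = 7 * 24 * 60 * 60

# Same result codes as the page's checktokens()
OK, BAD_TOKEN, EXPIRED = 90001, 90002, 90003


def open_db():
    """Constructed in-memory stand-in for the user table (assumed table and column names)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE u_adver ("
        "id INTEGER PRIMARY KEY, token_hash TEXT UNIQUE, time_out INTEGER)"
    )
    db.execute("INSERT INTO u_adver (id) VALUES (1)")  # constructed sample user
    return db


def _token_hash(token):
    # Only the hash is stored; the raw token exists only on the client.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def set_token(db, user_id, now=None):
    """Login step: mint a token, store its hash and expiry, hand the raw token to the client."""
    now = int(time.time()) if now is None else now
    token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG: unguessable, hence unique
    db.execute(
        "UPDATE u_adver SET token_hash = ?, time_out = ? WHERE id = ?",
        (_token_hash(token), now + SEVEN_DAYS, user_id),
    )
    return token


def check_token(db, token, now=None):
    """Per-request step. Returns (code, user_id); user_id is None unless code == OK.

    Sliding expiry: every successful call pushes time_out out another seven days,
    so a user who does not touch the app for seven days must log in again.
    """
    now = int(time.time()) if now is None else now
    row = db.execute(
        "SELECT id, time_out FROM u_adver WHERE token_hash = ?", (_token_hash(token),)
    ).fetchone()
    if row is None:
        return BAD_TOKEN, None
    user_id, time_out = row
    if now > time_out:
        # Expired: clear the row so the stale token is gone and the client must re-login.
        db.execute("UPDATE u_adver SET token_hash = NULL, time_out = NULL WHERE id = ?", (user_id,))
        return EXPIRED, None
    db.execute("UPDATE u_adver SET time_out = ? WHERE id = ?", (now + SEVEN_DAYS, user_id))
    return OK, user_id


def logout(db, token):
    """Server-side revocation (not covered on the page): invalidate the token immediately."""
    db.execute(
        "UPDATE u_adver SET token_hash = NULL, time_out = NULL WHERE token_hash = ?",
        (_token_hash(token),),
    )
```

Because the lookup is by hash, the database never holds anything an attacker could replay, and a logout or forced re-login is just a column reset. The `now` parameter exists only so the sliding-window behaviour can be exercised deterministically; in production the default wall clock is used.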
