Authentication process: Login logic


#1

I want to learn, how we can ask for username and password only once and make the app automatically take those values[for server side authentication] whenever the app is opened.

Like is there a way we can locally store the username and password securely?

I just don’t want to irritate the user by repeatedly asking them to signin whenever he or she opens the app.

Any input appreciated …


#2

As always with security requirements, the solution will depend on how sensitive is your data.
You may even have legal requirements that apply.


#3

There is no legal issues. I just need a system where the username and password is saved locally and then is automatically used for authentication of the user.


#4

Rather than storing password locally, you could either use a rememberMe token or your server could generate a JSON Web Token that your app would store locally, it depends also on what is available to you on backend.


#5

have you tried localstorage?


#6

Using localstorage is OK but the main question is for storing what, I think it would be OK to use it to store an auth token, the good thing about such token is that it can be expired without annoying the user.

On iOS you may also consider using KeyChain


#7

@technotip

See:

  • the references at the bottom of the (linked) post.

#8

@robinyo, looks bit complicated. Will take a look and try to work on it. Thank you :smile:


#9

@gmarziou, @panospcm, I want to store autho_token locally, so that I can use it for authentication while the app is loaded.

I’ve two options now:
1. localStorage
**2.**SQLite

localstorage looks simple, but not sure if it’ll be a good choice for my purpose.

Am not sure if these options are secure enough. Please guide. Thanks for your valuable inputs …


#10

LocalStorage is as safe as the phone is.
You could also combine the token with the device id, so on your server you store token and device id and you verify they match upon each request.


#11

@gmarziou, Thanks for the confirmation. I will be implementing LocalStorage in my application today.

Thanks once again :smile: