Quick Links
How to make a "correct" login verify user lifecycle
ESUniversity ✭✭
Hi
I have and app with a login screen. I send the user and password to a service who gives me a user object and a token.
The fact is that I need to relog on each start to refresh the user object and the token. The user object is stored as a global property and the token is stored in secure keychain with the correct user and password.
I tried to manage it in App.xaml.cs builder (public App()) but it can be awaited, resulting on the app moving to home screen faster than the login service, and trying to ask data with no user id.
Then I tried to do it in protected override async void OnStart() but it gives me weird errors, and after a lot of googling it seems it's related to not being abled to use httpclient in OnStart
At the end my current "solution" is to have a xamarin forms view with the aspect of the splash screen and a activity indicator and manage the relog service on it. But it's giving the feel of a too much time taking splash screen.
Is there any better way to do it?
Thanks
Best Answer
-
N_Baua
IN ✭✭✭✭✭
Hi @Mulflar,
Okey, sounds great.
This is what I have did in almost all the XF projects.
Startup.cs(main view)[ Read session Token From Settings and encrypt - match DateTime stamp - Validity -6 Days or as per project requirement, typically if you have logged in last week but session is older then 6 days - token is deleted, you'd sign-out ] ->Login.cs-->AnyFurtherViewsSo this is the Not logged in work-flow.
Startup.cs(main view)[ Read session Token From Settings and encrypt - match DateTime stamp - Valid session ] --->AnyFurtherViewsI am also using REST service, however the first view checks the token first, validates and if the session is older then only prompts for login. For different projects I've used local file system (i.e. JSON files with encrypted data) or Settings plug-in and once SQL Lite db as well so persisting session is which you could tailor as per your requirement.
-- N Baua
5
Answers
Hi @Mulflar,
Can you just check the following links?
Hope it helps.
-- N Baua
Hi @N_Baua
Thanks for the reply but it gives me no help. The authentication service I use is a REST service custom developed for my app, no a Oauth service.
I have to manage all the process. The problem I'm having is not about how to do it, it's about when to do it. I have already implement the login service, the relog service, the navigation in the app, the usage of diferent services with basic auth, or token auth or no security, all of them work ok.
But in a new service evolution now they want me to recheck the user is correct each time the app is launched but using stored user/password data.
Hi @Mulflar,
Okey, sounds great.
This is what I have did in almost all the XF projects.
Startup.cs(main view)[ Read session Token From Settings and encrypt - match DateTime stamp - Validity -6 Days or as per project requirement, typically if you have logged in last week but session is older then 6 days - token is deleted, you'd sign-out ] ->Login.cs-->AnyFurtherViewsSo this is the Not logged in work-flow.
Startup.cs(main view)[ Read session Token From Settings and encrypt - match DateTime stamp - Valid session ] --->AnyFurtherViewsI am also using REST service, however the first view checks the token first, validates and if the session is older then only prompts for login. For different projects I've used local file system (i.e. JSON files with encrypted data) or Settings plug-in and once SQL Lite db as well so persisting session is which you could tailor as per your requirement.
-- N Baua
So you are doing like me, you have SplashScreen -> Startup -> Login or AnyFurtherViews
And in the Startup what are you showing?
Doesn't this aproach take "too much" loading app time?
Yes and I guess its fair start-up.
I may post some screen cap if you want.
--- N Baua
Ok, thanks, I'll wait a bit to see if anyone has a different aproach and If not I will set your reply as answer to my question,
Sorry.. I don't know how to delete the comment. I answered something but realized after it's not exactly what you asked...