I have two database tables in MySQL.
- User Table
- Class Table
I have a working code in Laravel 5.2 on localhost, where I can see Class screen only after authentication. So far everything is working fine.
Now, I have to access the list of class, Add/Update Class functions from Android App.
I am thinking to use Token Based authentication. I saw the User table that Laravel provides when we create a new project. We have remember_token in User Table. I was thinking to use same token for Android and for Website.
Here the problem is : Token will be expired if you logout from the website and if I use same token, then expired token can not be used in android requests even if Android has done the authentication already.
Please suggest the correct way to use Token based authentication
or I should create a new column called api_token in User Table. and then after authentication, I can use same token to send request from Android to Server and for responding from server to Android. Here I have one problem.
Can the token be stolen?
In that case should I update the api_token in db every time I get the request from Android and updated api_token should be passed from server to Android?
from Newest questions tagged laravel-5 - Stack Overflow http://ift.tt/1WIxK3W
via IFTTT
Aucun commentaire:
Enregistrer un commentaire