玩！适用于Android客户端的Framework 2 REST身份验证和授权 [英] Play! Framework 2 REST Authentication and Authorization for Android Client

问题描述

我目前正在开发具有网络版本(Play！Framework 2.2.x)和Android客户端的应用程序.由于事实，玩！完全是RESTful，我想在Play之间进行交流！和带有JSON请求和响应的Android.该应用程序的Web版本正在使用支持身份验证和授权的Play Authenticate插件.我想知道如何在使用Play的Android客户端中启用登录！应用程序以及如何确保Play之间的通信安全！应用和Android客户端.

I'm currently working on an application that has web version (Play! Framework 2.2.x) and Android Client. Due to the fact that Play! is fully RESTful I want to communicate between Play! and Android with JSON requests and responses. Web version of the application is using Play Authenticate plugin which supports authentication and authorization. I would like to know how to enable login in Android Client that would use Play! app and how to secure the communication between Play! app and Android Client.

推荐答案

在没有收到我的问题的答复后，我想出了以下解决方案.每个用户都有其自己的名称和密码以及一个令牌.该令牌是在注册过程中设置的，每两天更新一次.我将用户名和令牌保存在android应用程序的共享首选项中，并使用这两个字段对来自客户端的每个请求进行身份验证.由于这是一个学生项目，所以我认为这可能是一个不错的选择，但是生产产品应该具有更好的安全性.

After not getting a reply for my question I figured out the following solution. Each user has it's own name and password and a token. This token is being set during registration and gets updated every two days. I save username and token inside shared preferences in android application and authenticate each request from client with those two fields. Since it was a student project I thought it might be a good choice, but the production product should have better security.

这篇关于玩！适用于Android客户端的Framework 2 REST身份验证和授权的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！