从Android应用程序正确注销用户 [英] Properly log out a user from android app
问题描述
我正在开发一个小型 android 应用程序,基本上到目前为止它只有登录和注销功能.我使用 Firebase 来存储用户数据和身份验证.
I'm developing a small android app, and basically so far it just has login and logout functionality. I'm using Firebase to store user data and also for authentication.
所以我有登录工作,它按照它应该的方式对用户进行身份验证,并且我已经注销工作,因为它unauthenticates用户.但是我需要在应用程序中做什么才能终止会话吗?
So I have login working and it authenticates users as it should and I have logging out working in the sense that it unauthenticates users. But is there anything I have to do from within the app to kill the session?
if (id == R.id.action_log_out) {
ref.unauth(); //End user session
startActivity(new Intent(MainActivity.this, LoginActivity.class)); //Go back to home page
finish();
}
这会像我认为的那样工作吗?显然,如果有人退出,他们不应该能够在不重新登录的情况下点击后退按钮并神奇地返回到最后一页.
Will this work as I think it should? Obviously if someone logs out they shouldn't be able to hit th back button and magically go back to the last page without re-logging in.
推荐答案
当 Firebase 对用户进行身份验证(或者您使用 Firebase 对用户进行身份验证)时,它会将该用户的令牌存储在您设备的本地存储中.当您调用 authWith... 方法之一时会发生这种情况(当然只有在它成功验证用户身份的情况下).
When Firebase authenticates the user (or you authenticate the user with Firebase), it stores the token for that user in local storage on your device. This happens when you call one of the authWith... methods (of course only if it successfully authenticates the user).
调用 ref.unauth(); 会立即从本地存储中删除该令牌.
Calling ref.unauth(); immediately deletes that token from local storage.
当用户按下后退按钮时,正确实施的流程不会自动重新对其进行身份验证,但这取决于您实施的流程(您的问题中缺少该流程,而且代码可能太多).
A properly implemented flow would not automatically re-authenticate them when the user presses the back button, but that depends on the flow you implement (which is missing from your question and would likely be too much code anyway).
这篇关于从Android应用程序正确注销用户的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
