Auto login / Storing passwords locally

29 views
Skip to first unread message

Andrzej // Futuretro

unread,
Feb 10, 2016, 5:26:51 AM2/10/16
to Coronium IO
Hi there,

If I want to automatically log the last user in on startup I need to store their password locally. I'm a complete newbie to security but this seems like a terrible idea. I guess ideally I would store a hash of the password and then send the hash to loginUser. Does anyone have any advice as to how to proceed?

Huge thanks,

Andrzej

Andrzej // Futuretro

unread,
Feb 10, 2016, 9:53:26 AM2/10/16
to Coronium IO
I think I totally misunderstood the point of the user system. Here is my new approach for anyone interested:
  • Email addresses can be saved locally but never passwords.
  • On loginUser: save the sessionToken returned.
  • On app start if we find a saved sessionToken then set it with coronium:setSessionToken() and try getMe()
  • if getMe returns ok then start the game, if not then clear our saved sessionToken and go to login screen.
Does that sounds about right? One thing I'm a little unsure of is calling getMe after loginUser to know which user has actually logged in.

Many thanks!

develephant

unread,
Feb 11, 2016, 4:03:06 PM2/11/16
to Coronium IO
Hi,

That sounds about right. the getMe method should return the user info as long as the session is set.

Let me know if that doesn't work out.

Cheers.
Reply all
Reply to author
Forward
0 new messages