I'm trying to create an Android App which will communicate with Ktor server. I have successfully est...
с
Стефан Јовановић
02/01/2022, 4:45 PMI'm trying to create an Android App which will communicate with Ktor server. I have successfully established a session with those two. And everything seems to work fine. On my Android app I've implemented One Tap sign in with Google, so whenever a user is authenticated, I receive a TOKEN which I'm sending to my Ktor server for verification. After it is successfully verified, I'm then saving users credentials on the server. For the session storage I'm using "directorySessionStorage". There's just one thing that's troubling me right now, and I'm hitting the wall. So whenever I launch my Android App, I'm signing in and immediately starting a NEW session with Ktor server. The only problem is, that the OLD session is not deleted even after a NEW one was created. Now I can remove that OLD SESSION if the user clicks SIGN OUT button in my Android app explicitly. However if the user just closes the app and launch it again without clicking SIGN OUT button, then that OLD SESSION will not be deleted, and a NEW one will be created, with new app launch. That way I'm seeing new session on my server directory every time a same USER launches the app again without SIGNING OUT explicitly. I don't want that, I want to remove the OLD SESSION, whenever a NEW one is created for that same USER. I'm not sure about the actual logic which needs to be implemented for that, can someone point me in the right direction? 🤔 Or is there any way that I can manually set the time limit on a session?
a
Aleksei Tirman [JB]
02/02/2022, 8:58 AMWhen a new session is created is there a way to determine the old session in your application?
Aleksei Tirman [JB]
02/02/2022, 9:05 AMUnfortunately, there is no functionality for limiting the lifetime of sessions.
с
Стефан Јовановић
02/02/2022, 9:39 AM@Aleksei Tirman [JB] Hmm not sure about that. 🤔 I'm using OKhttps's cookieJar(JavaNetCookieJar) to handle cookies automatically on my Android app. Plus on the server side I'm using: SessionTransportTransformerEncrypt to encrypt the session. Not really sure about which approach would be considered good for this specific use case.
Стефан Јовановић
02/02/2022, 9:43 AMOne way I can think of, is to send a request to my Ktor server, to clear the current users session, whenever the app is getting closed. That way I can be sure that there will not be any 'old' sessions left behind. But even that approach can be prone to errors. For example there's no internet connection and you close the app.
a
Aleksei Tirman [JB]
02/02/2022, 2:12 PMYou can write your own implementation for the
SessionStorageс
Стефан Јовановић
02/02/2022, 2:16 PM@Aleksei Tirman [JB] I'll definitely consider that. Thank you. :)
10 Views