01-17-2011, 03:04 PM
[eluser]Unknown[/eluser]
Hi everyone,
I am running a REST API that uses the CI Session library for user login. I have set the session cookie to expire after 24 hours. This API is powering several webapps and an iOS application that stores the user's credentials in the iphone's keychain access. I want to let the iOS app know that the cookie has expired and that it needs to re-authenticate with the server using the stored credentials in the keychain.
I have a few services in my API that behave differently if the user is logged in (they return a different response). I want to return a 401 error if the cookie sent in the request was invalid/expired, return a normal response if the user is not logged in, and an altered response if the cookie is valid/not expired.
If I'm only checking to see if the session userdata is set, I see no difference between an expired cookie and simply a non-logged in user.
Is there any way that I can check whether a cookie sent via the request has expired? I only want this 401 error to be displayed once on an expired cookie, the iOS client would then reauthenticate itself and get a new (valid) session cookie.
Thanks for any insight on this. I'm still somewhat new to cookies and sessions, so if I'm way off here, please let me know.
Hi everyone,
I am running a REST API that uses the CI Session library for user login. I have set the session cookie to expire after 24 hours. This API is powering several webapps and an iOS application that stores the user's credentials in the iphone's keychain access. I want to let the iOS app know that the cookie has expired and that it needs to re-authenticate with the server using the stored credentials in the keychain.
I have a few services in my API that behave differently if the user is logged in (they return a different response). I want to return a 401 error if the cookie sent in the request was invalid/expired, return a normal response if the user is not logged in, and an altered response if the cookie is valid/not expired.
If I'm only checking to see if the session userdata is set, I see no difference between an expired cookie and simply a non-logged in user.
Is there any way that I can check whether a cookie sent via the request has expired? I only want this 401 error to be displayed once on an expired cookie, the iOS client would then reauthenticate itself and get a new (valid) session cookie.
Thanks for any insight on this. I'm still somewhat new to cookies and sessions, so if I'm way off here, please let me know.
