Menu
I'm working on a PhoneGap app with server session usage. It needs cookies to handle the session. Additionally, the cookie from the load balancer should be handled, too. So there is no way around. How do you handle Cookies in your PhoneGap app?
I have already accomplished some research:
247
Friend, I've tried too without success to use cookies with phonegap. The solution was use localStorage.
Key Quick Example:
var keyName = window.localStorage.key(0);
Set Item Quick Example:
window.localStorage.setItem("key", "value");
Get Item Quick Example
var value = window.localStorage.getItem("key");
// value is now equal to "value"
Remove Item Quick Example:
window.localStorage.removeItem("key");
Clear Quick Example:
window.localStorage.clear();
If you use you javascript for both mobile and web, you can use this code to detect that enviroment:
var wl = window.location.href;
var mob = (wl.indexOf("android")>0);
References: http://docs.phonegap.com/en/1.2.0/phonegap_storage_storage.md.html#localStorage http://cordova.apache.org/docs/en/6.x/cordova/storage/storage.html#page-toc-source
Be aware: using anonymous navigation on iOS may make localstorage not work like spected. A simple test that are working fine to me:
$(document).ready(function () {
try {
localStorage.setItem('test', '1');
} catch (Err) {
if (Err.message.indexOf('QuotaExceededError') > -1) {
// Tell the user they are in anonymous mode
// Sugest it to go to https://support.apple.com/pt-br/HT203036 to get help to disable it
}
}
}
});
Similar to you I wanted to use cookies set by a server within my application so that my app would be consistent with the web and not require a separate device-ID or other method for authentication.
What I discovered is the following:
$.get() or $.post()) do not persistThe way to thus get a cookie to persist is to use the inAppBrowser plugin.
First, setup a simple server that accepts as GET parameter key-value parameters you want to persist. I'm a python/tornado guy, so my server might look like:
class PersistCookieHandler(tornado.web.RequestHandler):
@tornado.gen.coroutine
def get(self):
token = self.get_argument('token')
self.set_secure_cookie('token',token)
Then, in your app:
function persistToken(token,success_cb, error_cb) {
// replace with your URL
url = 'SECURE_SERVER_URL_THAT_HANDLES_SET_COOKIE';
// _blank tells inAppBrowser to load in background (e.g., invisible)
var ref = window.open(url, '_blank', 'location=no,toolbar=no');
// attach a listener to the window which closes it when complete
ref.addEventListener('loadstop', function(event) {
ref.close();
success_cb(); // call our success callback
});
// attach a listener for server errors
ref.addEventListener('loaderror', function(event) {
// call our error callback
error_cb(event);
});
}
You can then call this as follows:
persistToken(
someToken,
function() {
console.log("token persisted");
},
function() {
console.log("something went wrong);
}
);
Use the device_id to address certain records on server side. Create a database table named session on your server with device_id, cookiename, cookievalue and timestamp as columns.
When a client accesses your web server via phonegap app, get his device_id and store the cookies in your table. The device_id here acts as the access token in OAuth protocol.
Now for security reasons you need to reduce the validity period of those records, because the device_id is permenant and your client would want to sell their phones one day. Therefore, use timestamp to store the last access by the client, and delete the record if it has not been accessed for, say 10 days.
4
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
