Hey guys, I'm trying to figure out how the user authentication works with mobile apps that consumes the Rails API.
I know I can send a POST request to the server to register the user and then generate a token so I will authenticate him on every request.
The question is, how do I know that the user is logged in from the beginning? The API is stateless from what I understand. So what if I want to use statements like "If user logged in then do this..." Inside the mobile app.
Any guidance would be helpful.
Great question. So generally in a mobile app, you'll have to have that token stored somewhere. Basically if the token exists in the cache in your mobile app, you can then assume the user is logged in. If it doesn't exist, assume they are logged out.
There is an extra exception that sometimes tokens can expire and aren't permanent. If they do have time limits on them, you can store that in the mobile app along with the token to determine if it is still valid or not. If they don't, you can just request any endpoint and know that if it fails, you're going to need to request a new token.
Does that help?
Join 31,575+ developers who get early access to new screencasts, articles, guides, updates, and more.