How to identify user from server for processing requests

Question

I would like to know how to identify user from server when any request from app is done. Like if I have logged into the app and want to update my profile and send the request to server. How will the server identify the request is from particular user ? I am using PHP as server language and storing user session using Shared Preferences.

Any help would be helpful.

Answer 1

After successfully logged in to the app, save the userId locally (either in SQLite or SharedPreferences etc..).
Now everytime the user request from server, add that userId into the parameter list.
On the server side, first of all, check the userId, if it's null or not exist in the database, echo a String error message, otherwise proceed.

Answer 2

The easiest way to accomplish this outcome is to attach a unique identifier to the user(randomly generated) .Store this information along with the time,name and identifier of the user in the database. Also persist in the app, shared preference is alright. But consider using databases.A great one is realm for android. Then when any request is sent to the server send the name of user along with their identifier perform a query search with this information. Thus returning any info stored for this user.

Make any sense? Well there are other sophisticated approaches that can be tailored to your needs. the concept of shared preferences is to store small transient information. using a database permits much safer control over your data and managed operations asynchronously,which will pay a big role later when traffic is encountered. Consider web tokens as well for communication. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed. JWTs can be signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA.