Handling Sessions on Google App Engine with Android/IPhone

Question

I\'m starting to write an app whereby a mobile app (Android/IPhone) will communicate with the GAE backend (Python) through a series of Web API calls using JSON.

I can\'t

Answer 1

I cannot see why you would need a session? Sessions on App Engine are persisted in the data store, so if you can keep your requests stateless, I encourage you to do so.

As you will have your own user service which will authenticate the users, I suggest you use Digest authentication, as the secret is never included in the request.

There are libraries implementing Digest for most client and server platforms.