Cookie token authentication login method

前端未结

关注

 3  1525

北荒 2021-02-09 17:56

There is a method that is using cookies to login users and i don\'t know it\'s name. It\'s setting a unique token to the cookie each time a user logs in. The token is visible an

3条回答

不思量自难忘° (楼主)

2021-02-09 18:42
I think you might be looking for something like OAuth. OAuth has become a sort of "standard" when it comes to token based authentication.

Here's some literature: http://tools.ietf.org/html/rfc5849

I found section 2.3. Token Credentials particularly similar to what you were talking about...
The response contains the following REQUIRED parameters:

oauth_token
```
    The token identifier.
```
oauth_token_secret
```
    The token shared-secret.
```
For example:
```
HTTP/1.1 200 OK
Content-Type: application/x-www-form-urlencoded
oauth_token=j49ddk933skd9dks&oauth_token_secret=ll399dj47dskfjdk
```
It's also important to note that through my understanding, token based authentication is only more secure if all requests are being made through an SSL connection. If not, 3rd parties can grab and imitate the tokens. So yeah, hope this is what you're looking for.
0 讨论(0)

查看其它3个回答
发布评论:

提交评论
- 加载中...