Hello, guys!
I am creating an (hybrid) app for android, from HTML5, CSS and JAVASCRIPT, such as WebView. I will use API through PHP using MYSQL, exchanging information with JSON.
My question is next, where should I save the token to make a request? So how do I get the customer ID?
I do not know if I explained it right, I hope so.
Augusto,
You can generate the token in php and return it to the success of the login and then proceed to inform it on all other requests.
Normally, requests per API do request-based authentication checking, and this depends on their logic and on downtime. For example, if you do not expire the user in the app until it logs out, you can create a user relationship table with session. And store the token in this table. Whenever you find the user in this table it is logged in. And to unplug it, just delete the registry.
If you will use 100% webview, you can store client data in the javascript session.
Something like this:
window.sessionStorage.setItem("token", "meutoken")
To recover:
window.sessionStorage.getItem("token")
Additionally ...
Assuming also that you have jQuery loaded and the token is in the header Authorization you can set all requests as default
$.ajaxSetup({
headers: { 'Authorization': window.sessionStorage.getItem("token") }
});