ios - RESTful stateless service and KeyChain. Go stateless or nor? -
i planning make asp.net wep api server , ios client.
- from have read, keychain place store ios sensitive data such passwords.
- considering restful stateless service: username , password must sent service each request.
this stateless service seems bring following 2 operations each call:
- go go keychain , credentials
- validate credentials
q1:does mean every request password must retrieved keychain , passed server?
q2: makes me wonder, go stateless or not?
the keychain place persistently store sensitive information, yes. if using username , password , keep duration, storing in memory (ram) typically ok. if wish remember next time user must never provide again, must store in keychain.
typically store password in memory (even session) once retrieved keychain.
Comments
Post a Comment