Skip to content
This repository has been archived by the owner on Feb 28, 2024. It is now read-only.

Session

Jump to bottom
Jan Skrasek edited this page Feb 12, 2018 · 5 revisions

Session module allows managing a session for handling user data.

See session module api-doc.

Session Handling

To retrieve current active session, call getSession() on session facade. This method is synchronous, quite fast and doesn't have to be called on a background thread.

val session = sdk.sessionFacade.getSession()
val hasSession = session != null

To sign out, call signOut() method.

Authentication Methods

You may create a user session by multiple methods.

JWT Token

This method uses standarzided JWT specification. It's your responsibility to authenticate an user & validate his identity. After a successful authentication, your server will use the clientSercret to generate a JWT token and encrypt your's internal userId into the JWT token. The userId is connected directly to your B2B client id and will not be available for any other B2B clients.

To generate a JWT token use the following configuration:

  • {"alg": "HS256","typ": "JWT"};
  • JSON {"external_user_id":1234} as a payload where the 1234 will be replaced with an user id;
  • your clientSercret as secret;
val jwtToken = fetchJwtTokenFromYourServer()
val result = sdk.sessionFacade.signInWithJwtToken(jwtToken)

You must not generate JWT token on client side, clientSecret is unprotected on the client side and the attacker may then easily log in to your users' accounts on Sygic Travel.

Google Id Token

This method uses Google's user session. To use this method, you have to request "id token" during user authentication through Google, as documented in Authenticate with a backend server. Then pass the id token to the Sygic Travel Sdk.

val idToken = getTokenFromGoogleSignInAccount()
val result = sdk.sessionFacade.signInWithGoogleIdToken(idToken)

Facebook Access Token

This method uses Facebooks' user session. To use this method, you have to use Facebook's access token from user authentication, as documented in Facebook Login for Android - Quickstart.

val accessToken = getFacebookAccessToken()
val result = sdk.sessionFacade.signInWithFacebookAccessToken(accessToken)

Device Id (Anonymous Session)

Sign in with device id provides an anonymous session that have a full session behavior, e.g. synchronization and storage of user data. This may be used for user's future sign in/up. Before signing in with the user's account you will have to sign out the anonymous session, then after signing in the previous anonymous session will be automatically merged into the new signed session.

val result = sdk.sessionFacade.signInWithDeviceId()

Credentials Accounts

You may also use credentials accounts - accounts with an "email" and "password". This is not a recommended method. Sdk provides appropriate API: signInWithCredentials(), register(), alternatively a resetPassword() method for sending an email to the user with reset-password link.

val registrationResult = sdk.sessionFacade.register(email, password, name)
val result = sdk.sessionFacade.signInWithCredentials(email, password)
val resetPasswordResult = sdk.sessionFacade.resetPassword(email)
Clone this wiki locally