-
Notifications
You must be signed in to change notification settings - Fork 1
Session
Session module allows managing a session for handling user data.
Working with session module requires enabled user-data.
To retrieve current active session, call getSession()
on session facade. This method is synchronous, quite fast and doesn't have to be called on a background thread.
val session = sdk.sessionFacade.getSession()
val hasSession = session != null
To sign out, call signOut()
method.
You may create a user session by multiple methods.
This method uses standardized JWT specification. It's your responsibility to authenticate a user & validate his identity. After a successful authentication, your server will use the clientSercret
to generate a JWT token and encrypt your internal userId
into the JWT token. The userId
is connected directly to your B2B client ID and will not be available for any other B2B client.
To generate a JWT token use the following configuration:
-
{"alg": "HS256","typ": "JWT"}
; - JSON
{"external_user_id":"1234"}
as a payload where the"1234"
will be replaced with your user ID, the is has to be a string; - your
clientSecret
as secret (provided client secret is not base64 encoded in context of JWT algorithm);
val jwtToken = fetchJwtTokenFromYourServer()
val result = sdk.sessionFacade.signInWithJwtToken(jwtToken)
You must not generate JWT token on the client's side, clientSecret
is unprotected on the client's side and the attacker may then easily log into your users' accounts on Sygic Travel.
This method uses Google's user session. To use this method, you have to request "id token" during user authentication through Google, as documented in Authenticate with a backend server. Then pass the id token to the Sygic Travel SDK.
val idToken = getTokenFromGoogleSignInAccount()
val result = sdk.sessionFacade.signInWithGoogleIdToken(idToken)
This method uses Facebooks' user session. To use this method, you have to use Facebook's access token from user authentication, as documented in Facebook Login for Android - Quickstart.
val accessToken = getFacebookAccessToken()
val result = sdk.sessionFacade.signInWithFacebookAccessToken(accessToken)
Sign in with device id provides an anonymous session that has a full session behavior, e.g. synchronization and storage of user data. This may be used for user's future sign in/up. Before signing in with the user's account you will have to sign out the anonymous session, then after signing in the previous anonymous session will be automatically merged into the new signed session.
val result = sdk.sessionFacade.signInWithDeviceId()
You may also use credentials accounts - accounts with an "email" and "password". This is not a recommended method. SDK provides appropriate API: signInWithCredentials()
, register()
, alternatively a resetPassword()
method for sending an email to the user with reset-password link.
val registrationResult = sdk.sessionFacade.register(email, password, name)
val result = sdk.sessionFacade.signInWithCredentials(email, password)
val resetPasswordResult = sdk.sessionFacade.resetPassword(email)