How to manage session for OpenMRS Mobile Apps

Tags: #<Tag:0x00007f01ca1d1078>

Hi every one,

I just encountered an issue while working on iOS-Client. I’m using the Authorization: Basic (base64 of username:password) as mentioned here to log in to the OpenMRS Server, and it sends the response with sessionId. After the immediate login, REST calls are automatically authorized since the server has already identified the session.

But when I close the app and reopen - I need to log in with the credentials again. We don’t like this use case for mobile apps since if it logged in time, it should be active for some days until the token expired. I tried to use the existing jsessionId with the REST call Cookie as mentioned here, but it won’t work. So how can we achive this?

I hope Andirod client may have any solutions related to this :slight_smile:

Cc : @f4ww4z

Thanks.

2 Likes

I just implemented like this way,

Once the user logged into the mobile app, I’m storing the base64 of username:password to the mobile storage(Not the username & password) and will use that in each and every REST Call Authorization header(Eg: Authorization: Basic XYZ ). Once the user logout from the mobile app, it will be cleared from the system.

Any thoughts?

Cc :@dkayiwa

Hi @suthagar23, the Android client does use the sessionToken and its working correctly. So it would store the sessionId (called sessionToken in the code) to the storage and the next time the app is started the app is able to find this sessionId and login automatically. See the Session object, this code and saving to storage part. I hope this helps your case.