User - how long is a session id valid?

Question

After logging a user in I get a session id. To log the user out I have to use this session id.

If I get a logged in user from the user service, it does not have a session id.

(1) Does that mean, that I have to safe the session id myself? And that it is valid for an unlimited time?

(2) Does that mean I don't have to get the user from the user service to check if the user is logged in? I can rely on my saved session id, so as long as I don't log the user out and have a session id, the user is logged in?

Answer 1

Hello,

To answer your query, whenever you log in using authenticate method of App42 User service, you will get the session id. You can save this sessionId  in your app local storage to maintain the session of user. If you want to invalidate that session, you can call logout api to invalidate the session of user. 

Let me know if it helps.

Himanshu Sharma

 

Comments

Hi, but I'm not using the USERS service, instead I created my own collection in the storage service for my users data, so the SessionId will still work? Another question, if I get the SessionId, how can I use it to do transactions, do I have to send it everytime I do a query for example? Thanks for your last answer.

---

Hi Leandro,

You can use session service to get the session of users and save into local storage. Please have a look at this link(http://api.shephertz.com/app42-docs/session-management-service/) for more details and let me know if it helps.

Regards,
Himanshu Sharma