how the iphone apps keep user logged in

Question

A lot of apps keep user logged in until user manually logs out like facebook, dropbox, etc.

I am wondering how they achieve it? There might be several approaches:

1)Do they store the username and password in a local storage, and automatically log the user in when they open the app again after a long time?

2)Or do they get a long-lived token from the server, and once the user login at very first time, the app gets a token from the server, later on they just use the token? The token will be valid until user manually logout from the app.

For #1, it will only work for native login, if an app supports "log in with facebook or twitter" it won't work.

So I just want to get an idea about how people achieve this feature? Is there any articles talk about it?

Answer 1

Most services like Facebook and Twitter use OAuth to manage the user session.

I use this external framework... https://github.com/nxtbgthng/OAuth2Client

It took me a while of reading and setting up to get right but it works now.

When the user logs in they get an auth token that contains an expiry date. When the expiry date comes the system automatically refreshes the token.

When I send a request to the server I send it via the OAuth framework and it adds the authorisation automatically.