Am writing an api for IOS application I have some concerns about handling session for the IOS application
When a user login from iphone, I need to pass the session id as login response and use that session id in further api calls for validating the user,
What I have done in my api controller is get the session id and save it to session array along with user details and pass the session id as response
$session = $this->session->userdata('session_id');
$user_array = array(
'email' => $user->email,
'session_id'=>$session
);
$this->session->set_userdata('logged_in', $user_array);
$output = array(
'code'=>200,
'user'=>$user,
'session_id'=>$session
);
$this->output
->set_content_type('application/json')
->set_output(json_encode($output));
For the further api calls, I will get the session_id as a parameter,
I checked its a valid section or not using the following. code
$session_id = $this->input->get('session_id', TRUE);
if($session_id){
if($this->session->userdata('logged_in')){
$user = $this->session->userdata('logged_in');
if($user['session_id'] == $session_id){
// valid session
}
This worked well when tested with postman.
But am not sure , this is the correct way to handle session with API calls.
Will the same work when run from the IOS application?
thanks in advance
