我目前在我的android应用中使用Retrofit 2通过php服务器登录/注销。我的问题是我注销(或认为我已经注销)。但是,如果另一个用户使用不同的凭据登录,他们最终将看到我的个人资料的详细信息(由于未正确完成注销)。由于我已经注销,因此后者不可行。改造2是否有办法确保其他人登录可以查看其个人资料而不是我的个人资料。这是什么意思,我不希望通过“ set-cookie”或任何其他形式记录任何请求。这样每个登录请求都是独立的。预先感谢。
我的登录API如下
public static UconnectLoginInterface getUconnectLogin(final String User, final String pass) {
if (UconnectInterfaceHandler == null) {
HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
// set your desired log level
logging.setLevel(Level.BODY);
OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
// add your other interceptors …
// Define the interceptor, add authentication headers
Interceptor interceptor = new Interceptor() {
@Override
public okhttp3.Response intercept(Chain chain) throws IOException {
// Request newRequest =
// chain.request().newBuilder().addHeader(User,
// pass).build();
Request newRequest = chain.request().newBuilder()
.addHeader("Authorization", Credentials.basic(User, pass))
.cacheControl(CacheControl.FORCE_NETWORK).build();
return chain.proceed(newRequest);
}
};
httpClient.interceptors().add(interceptor);
// add logging as last interceptor
httpClient.addInterceptor(logging); // <-- this is the important
// line!
OkHttpClient client = httpClient.build();
// previous build STILL VALID
// httpClient.build();
// Retrofit retrofit2 = new Retrofit.Builder()
// .client(httpClient);
Gson gson = new GsonBuilder().setLenient().create();
// retrofit = new Retrofit.Builder().baseUrl(ENDPOINT_URL)
// .addConverterFactory(GsonConverterFactory.create(gson)).build();
retrofit = new Retrofit.Builder().baseUrl(ENDPOINT_URL)
.addConverterFactory(GsonConverterFactory.create(gson)).client(client).build();
// create here
UconnectInterfaceHandler = retrofit.create(UconnectLoginInterface.class);
}
return UconnectInterfaceHandler;
}
我的注销API如下:
public static UconnectLogoutNowInterface getUconnectLogout(final String User, final String pass) {
if (UconnectInterfaceHandler == null) {
HttpLoggingInterceptor logging = new HttpLoggingInterceptor();
// set your desired log level
logging.setLevel(Level.BODY);
OkHttpClient.Builder httpClient = new OkHttpClient.Builder();
// add your other interceptors …
// Define the interceptor, add authentication headers
Interceptor interceptor = new Interceptor() {
@Override
public okhttp3.Response intercept(Chain chain) throws IOException {
// Request newRequest =
// chain.request().newBuilder().addHeader(User,
// pass).build();
Request newRequest = chain.request().newBuilder()
.addHeader("Authorization", Credentials.basic(User, pass))
.cacheControl(CacheControl.FORCE_NETWORK).build();
return chain.proceed(newRequest);
}
};
httpClient.interceptors().add(interceptor);
// add logging as last interceptor
httpClient.addInterceptor(logging); // <-- this is the important
// line!
OkHttpClient client = httpClient.build();
Gson gson = new GsonBuilder().setLenient().create();
retrofit = new Retrofit.Builder().baseUrl(ENDPOINT_URL)
.addConverterFactory(GsonConverterFactory.create(gson)).client(client).build();
// create here
UconnectInterfaceHandler = retrofit.create(UconnectLogoutNowInterface.class);
}
return UconnectInterfaceHandler;
}
在服务器注销代码级别,如下所示:
public
function uconnectmobilelogout($client)
{
if ($client)
{
unset($_SESSION['ID_client']);
unset($this->ID_client);
$this->logged_in = false;
$_SESSION = array();
// clear session from disk
session_destroy();
$this->token = "";
}
if (isset($_SESSION['ID_client']))
{
unset($_SESSION['ID_client']);
unset($this->ID_client);
$this->logged_in = false;
$_SESSION = array();
session_destroy();
$this->token = "";
}
}