为了更好的用户体验,貌似很多APP在第一次登录后就不再验证用户名和密码了?
如果要验证是如何验证的?
用户更改了密码,又如何处理?
ringa_lee2017-04-17 16:30:03
After logging in, the server will issue a token to the client. The verification sum of the token depends on the user, password and time, and is time-sensitive.
Then the client will be trusted as the specified user based on the token.
When the password is changed, a new token will be generated. At this time, the old token will be invalid, and the user verification will not pass.
There are many ways to pass the token, such as through signature or by passing parameters.
黄舟2017-04-17 16:30:03
I checked some other answers and then compiled an idea myself. Please judge whether there are any flaws or areas that need improvement
@rebiekong @egan 
阿神2017-04-17 16:30:03
Not really. You must verify your account and password every time you log in. It just saves it for you, and then you can use the saved account and password directly when you log in again. Moreover, the saved account password should be encrypted, and device information may also be verified.
So if the user changes the password, of course it will show that the password is wrong
