Support Topics Documentation Slack YouTube Blog

Detection of unlogged in users

Is there a way to detect whether a user is logged in or not using REST API?

Hi @Volodymyr_Humnytskiy

I would suggest you to look at the official documentation.

The “user-token” value is returned from the login and must be used in the subsequent requests to Backendless in order to maintain user session. The value uniquely identifies both the user and the session on the server

I think you should check if the user-token value exists and is it valid.

Best Regards,
Maksym

Sorry, Maxim, for me being a little bit annoying with my newbie questions.
I just don’t know how to do it the right way.

The way I am trying to do it is getting your user-token on the client-side and saving it to user’s LocalStorage. Then I try to check whether user-token is empty or not, and if not, I give the access for the user to enter the app.

I don’t understand why do I need to use user-token in the subsequent requests to Backendless. You’ve said that it is aim to maintain the session, but I don’t know how is it hapenning.

I am also thinking about nullify all my work that I’ve done to save user-token on client-side, because, I’ve heard about Backendless’s “Cookie-based Authorization”

If you do not send user-token back to the server with subsequent requests, the server will have no idea what user/session that request is for. Without user-token, it will be just another non-authenticated request.

If you use the Cookie-based Authorization, it will make it easier for you as the browser will be handling the process of sending back session information (in the form of a cookie) completely automatically.

Regards,
Mark

I’ve read the REST API documentation and there are a lot of request that require to specify user-token in value in header. Is it a rule for maintaining the session?
I mean, there are a few request without user-token in its header in documentation and I do not know whether to send user-token or not.

Also, I can’t find documentation about Cookie-based Authorization. Is there any?

This question is not related to the Backendless. Cookie-based Authorization is handled by the browser itself. I believe you can find all necessary information with Google. :slight_smile:

Best Regards,
Maksym