Dart/Flutter auth implementation

2,616

Solution 1

This is not related to flutter, it is pure dart but :

For cookies, there's dart:io with Cookie class There's the boolean secure property and boolean httpOnly you can set.

As for Http connections, you can simply use dart:http's HttpClient. OR you can use flutter's createHttpClient method which is recomended by flutter for testing purpose (mock) ; as stated here

Solution 2

I've published a small flutter library called requests to assist with cookie-aware http requests (with the assistance of shared_preferences)

  • as of now, it uses shared_preferences which is not the best practice (security-wise) to store sensitive data (session-ids etc) Issue #1

pubspec.yaml

dependencies:
  requests: ^1.0.0

Usage:

import 'package:requests/requests.dart';

// ...

// this will persist cookies
await Requests.post("https://example.com/api/v1/login", body: {"username":"...", "password":"..."} ); 

// this will re-use the persisted cookies
dynamic data = await Requests.get("https://example.com/api/v1/stuff", json: true); 
Share:
2,616
user462455
Author by

user462455

Updated on December 03, 2022

Comments

  • user462455
    user462455 11 months

    I am working on a sample Flutter mobile application.

    Does Flutter / Dart have any http libraries that support persisting secure cookies.

    Example use case ( guessing it should be pretty common use case): User logs in once and the application should be able to use secure cookie from successful sign-in until session gets expire/ user signs out.

    On android, OkHttp supports persisting cookies and sending those persisted cookies whenever client (application) makes a request to the backend.

    What is the best way to acheive that in Flutter?

    Thanks