Dart/Flutter auth implementation
Solution 1
This is not related to flutter, it is pure dart but :
For cookies, there's dart:io with Cookie
class
There's the boolean secure
property and boolean httpOnly
you can set.
As for Http connections, you can simply use dart:http's HttpClient
.
OR you can use flutter's createHttpClient
method which is recomended by flutter for testing purpose (mock) ; as stated here
Solution 2
I've published a small flutter library called requests to assist with cookie-aware http requests (with the assistance of shared_preferences)
- as of now, it uses shared_preferences which is not the best practice (security-wise) to store sensitive data (session-ids etc) Issue #1
pubspec.yaml
dependencies:
requests: ^1.0.0
Usage:
import 'package:requests/requests.dart';
// ...
// this will persist cookies
await Requests.post("https://example.com/api/v1/login", body: {"username":"...", "password":"..."} );
// this will re-use the persisted cookies
dynamic data = await Requests.get("https://example.com/api/v1/stuff", json: true);
user462455
Updated on December 03, 2022Comments
-
user462455 11 months
I am working on a sample Flutter mobile application.
Does Flutter / Dart have any http libraries that support persisting secure cookies.
Example use case ( guessing it should be pretty common use case): User logs in once and the application should be able to use secure cookie from successful sign-in until session gets expire/ user signs out.
On android, OkHttp supports persisting cookies and sending those persisted cookies whenever client (application) makes a request to the backend.
What is the best way to acheive that in Flutter?
Thanks