What is the purpose of login.withHash?
diligent
Registered Users Posts: 3 Beginner grinner
I'm just starting out on the API so be patient!
I'm trying to figure out why login.withHash exists. It seems that in order to get the hash you have to first call login.withPassword. Once login.withPassword is called you already have a session id.
So why call login.withHash? Is it so that the client application can store the user's password in a one-way hash without storing the user's plain text password? For example, the application would call withPassword for the first time connection. The user would click "remember me". Then the application would store the hash code and allow logging in at a later time without the user having to retype their password.
Is this the scenario it is intended for?
Thanks,
--
Peter Stephens
http://smugpowertools.codeplex.com
I'm trying to figure out why login.withHash exists. It seems that in order to get the hash you have to first call login.withPassword. Once login.withPassword is called you already have a session id.
So why call login.withHash? Is it so that the client application can store the user's password in a one-way hash without storing the user's plain text password? For example, the application would call withPassword for the first time connection. The user would click "remember me". Then the application would store the hash code and allow logging in at a later time without the user having to retype their password.
Is this the scenario it is intended for?
Thanks,
--
Peter Stephens
http://smugpowertools.codeplex.com
0
Comments
Sessions expire after 6 hours of no activity.
Cheers,
David
SmugMug API Developer
My Photos