You're not bound to have the same authorization mechanism for both services if it doesn't suit your Android app, but you can:
how are you supposed to store a cookie on an app?
A cookie is just a header (not much different from the Authorization header OAuth2 uses), your app has a HTTP client, they usually handle cookies easily.
I'm quite sure there's a way to store a cookie in Android, by Googling I found these:
I do not know how up to date such info is because I have zero experience developing on Android but I do know that whenever you have a decent HTTP client, you have support for cookies (they are not a new technology ;-))
But how do you check wether an user is authenticated or not in a single page application? What if I'm running an app and web app on the same API?
It's quite straightforward:
what do you mean?
Android App & Website sharing the same API & Authentication service, how are you supposed to store a cookie on an app?
You're not bound to have the same authorization mechanism for both services if it doesn't suit your Android app, but you can:
A cookie is just a header (not much different from the
Authorization
header OAuth2 uses), your app has a HTTP client, they usually handle cookies easily.I'm quite sure there's a way to store a cookie in Android, by Googling I found these:
I do not know how up to date such info is because I have zero experience developing on Android but I do know that whenever you have a decent HTTP client, you have support for cookies (they are not a new technology ;-))
If you're sending http requests with headers back and forth than you must have cookies because cookies are essentially just a header. Right?