3

I'm developing a CLI based application. It has a "login" command to perform authentication:

$ myapp login 
$ Type username: hector
$ Type password: *****
$ Login success!

Internally, myapp login makes a request against an HTTP API and an authentication token (JWT) is returned, so I need to keep it in the client somehow, in order to send it in subsequent requests.

Should I store this token on disk? Or maybe keep it in memory and make the session 'volatile'? Is there any pattern or well-known practice for this?

2 Answers

2

I found an answer here: https://stackoverflow.com/questions/9146217/how-does-heroku-store-its-authentication-on-its-command-line-app

It has a link to Heroku's site and explains very well how they handle this. Basically, they store the authentication token in the ~/.netrc file.
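The netrc approach from this answer, sketched as an added example (not part of the answer and not Heroku's code): the token goes into a netrc-format file created with mode 0600, and reading refuses a file that other users can access. The host name, the function names and the choice of a file dedicated to myapp instead of the shared ~/.netrc are assumptions.

```python
import netrc
import os
import stat
import tempfile

HOST = "api.myapp.example"  # hypothetical API host (assumption, not from the page)


def save_token(path, login, token, host=HOST):
    """Write a single netrc-style entry readable only by the current user.

    Overwrites the file, so point it at a file dedicated to this CLI.
    """
    directory = os.path.dirname(os.path.abspath(path))
    # mkstemp creates the file with mode 0600, so the token is never
    # readable by other users, not even briefly.
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".netrc-")
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(f"machine {host}\n  login {login}\n  password {token}\n")
        os.replace(tmp, path)  # atomic swap: no half-written token file
    except BaseException:
        os.unlink(tmp)
        raise


def load_token(path, host=HOST):
    """Return the stored token, or None if there is no entry for host.

    Refuses files owned by another user or accessible by group/other.
    """
    st = os.stat(path)
    if st.st_uid != os.getuid():
        raise PermissionError(f"{path} is not owned by the current user")
    if st.st_mode & (stat.S_IRWXG | stat.S_IRWXO):
        raise PermissionError(f"{path} is accessible by group/other; chmod 600 it")
    entry = netrc.netrc(path).authenticators(host)
    return entry[2] if entry else None  # tuple is (login, account, password)
```

The file still holds the token in plaintext, so this protects against other local users, not against anything running as the same user.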

0

You should store the refresh token on the client if you have secure storage for it.

Martin K