How should I manage user session in CLI application?

I found an answer here: https://stackoverflow.com/questions/9146217/how-does-heroku-store-its-authentication-on-its-command-line-app

It has a Heroku's site link and explains very well how they face this. Basically, they store authentication token in ~/.netrc file.

• 1
  Key word is token. The value in password should be a one-way hash, preferably salted, etc. Bottom line is that if two people have the same password it shouldn't look like it in the .netrc file. Hopefully the ruby gem the Heroku team created will handle that detail for you. If not, be aware.

  Berin Loritsch

  – Berin Loritsch

  2018年06月26日 17:41:10 +00:00

  Commented Jun 26, 2018 at 17:41
• 3
  Storing contexts and sessions in hiden files and folders is quite common. In my recently experience with CLIs for cloud platform such as OpenShift, Azure and Bluemix I have realised that they, in essence, do the very same. Storing tokens in files is fairly common. One important thing to be aware of is the token expiracy. The use to be short-living tokens with no refresh tokens. Remember also the concurrency. Several processes reading-writing the same file might lead you to unexpected security issues.

  Laiv

  – Laiv

  2018年06月27日 21:41:47 +00:00

  Commented Jun 27, 2018 at 21:41
• 2
  And this is essentially the same as what happens when you log in to a website - the browser stores a cookie on disk, which acts as a token for access to your logged in session.

  bdsl

  – bdsl

  2018年08月26日 08:46:37 +00:00

  Commented Aug 26, 2018 at 8:46

You should store the refresh token on the client if you have secure storage for it.

• design-patterns
• authentication
• cli