autologin best practice
just looking for some advice, im making a desktop app and when the pc restarts it does not save the last session so the user has to log in again, i want to make it log in automaticly, i have a couple of ideas, the first one was to store the username/password in the os specific keychain/creditional manager then when the program loads it will load those in and log in. the downside to this is obviously there password is then accesible by a bad actor. the other idea i had was to generate an authentication token that is stored when they first register and then use that to validate any server side functions i run i also planned on having this change every time they make a request. is there a better way to do this? or which one would be best practice?
