after logging in to APP once, you don"t need to log in again every time you enter the app. How can we complete this function if we use PHP as the background? What if the SESSIONID is added to each request, but the SESSION expires? And how to verify whether the request information is bogus? How to validate the request? What I used to do every day is that the web side never thought about this problem, and now I need to do API development to ask for great advice on these issues