You could look into using tokens. They would have a workflow like this:
- User logins for the first time
- Server generates a new secure token and returns it to the app
- App persists the token and uses it to authenticate requests made by user
- When token expires, app requests it to be regenerated.
A common standard used for tokens is OAuth, and you can read more about it here.