I am rebuilding an Android app and want to authenticate users only once (the very first time they use the app). From that point on, I would like for users to be saved to the db so they can have quicker access to their account without having to sign in every single time they use it.
Thank you!
Related
Im working on a project where a user isn´t forced to sign up a account.
My plan is that a user could do anything like a user that is registered except for a few exceptions.
I implement a like function which saves the users behaviour on a webserver and later when the data is fetched again it recognized if the user liked something or not. My problem is that I have to save this informations also if the user isn´t registered to my application. A User should be free to decide wheter the user likes to sign up or not and isn´t forced to be a registered user.
I found three different way that could work!
1. Option
First option would be the accountmanager but I don´t like this option at all cause I have to ask for the contact permission and also ask which account a user want to use.
2. Option
A other option would be if a user starts the app for the very first time the app would call a server which creates a random unique code and send that code to my application to save it as key for the users actions which is saved on a server. But that also doesn´t seems to be a good solution for my problem.
3. Option
The last option would be oauth but for now I don´t know if and how it would be the solution to my problem!
I would be thankful for every answer!
I have worked on a comic app that requires saving the user subscribed channels, genre or comics and save the likes/dislikes for the same. User can be subscribed to push notification too.
For this, we used Firebase Authentication (anonymous signup). And to save the user subscription information, we used Firebase Firestore.
And followed the below approach.
As soon as the app opens, check if the user has already anonymous SignIn. If it hasn't, signUp silently.
Add a listener for user push notification token change. And update it to Firestore by anonymous user-id as key (We did same for storing other information too).
I think this approach would help to solve this problem.
You could use firebase auth for that!
Usually, you would use it with email & password or google login but it also has an anonymous login feature that should save the user's phone.
There are few techniques. It depends on whether you want to recognise a user between installations of app. If you are OK to lose a user on reinstallation you can use Firebase installation ID and link users behaviour with this id. If you want to remember users even between installations you can use unique to each combination of app-signing key, user, and device Secure.ANDROID_ID(more info about ids). But still the best way is implementing your own signing in or using of AccountManager.
I am working with Cloud Firestore and I came to the question on the top. I will set you an example
The user installs the app and log's in with Google. I save the log-in information in the device storage so the user does not have to log in every time. It is also stored in Firestore with a generated ID.
The user plays with the app and one day uninstalls it. This erases the log-in information in the async storage, losing the generated ID that granted him access to the app.
One day he decides to install it again, let's say in another device to make it harder. He had various information in his profile or maybe an active payment plan he forgot to delete and he wants to do it now. He clicks on google log in since it was how he did it, but now the profile information is gone because another account was created with another generated ID.
How to avoid this? I want the app to remember the user account in some way. The user account would be stored in my Firestore.
According to the docs:
For Android and iOS, offline persistence is enabled by default.
Meaning that by default, Firestore creates a locate copy of the database on the client's device.
User installs app and log's in with Google.
So I assume you have already implemented Firebase authentication with Google.
It is also stored in Firestore with a generated ID.
Without seeing that "generated ID", it's hard to say if it's the correct ID or not. The idea behind this authentication is to sign-in your users with Firebase, no matter what the provider is. Furthermore, if you want to save user data in Firestore, store it into a document whose id is the user ID that comes from the authentication process. In this way, doesn't matter what the provider is, you'll always store the data under a document whose key will never change.
User plays with the app and one day uninstalls it. This erases the log-in information in the async storage, losing the generated ID that granted him access to the app.
It's true that if the user uninstalls the app, all the cache is wiped out from the storage, including the log-in information. That being said, bear in mind that you should never store such information on the disk. When using Firebase authentication, there is no log-in information that needs to be stored. If you didn't still implement it, I recommend you start with the docs.
One day he decides to install it again, let's say in another device to make it harder. He had various information in his profile or maybe an active payment plan he forgot to delete and he wants to do it now. He clicks on google log in since it was how he did it, but now the profile information is gone because another account was created with another generated ID.
This is only happening if you are using a type of ID other than the one explained above. If you had used the ID that comes from the authentication process, the second time the user tries to sing-in, even if using a different device, he'll be recognized as the same user with the same data. In this way, the user will be able to access the same document with the same data and recreate the local cache.
Im not sure in which framework you are working in to create the app, but firebase sdk has sign in along with create user with email & password. Needed data could be saved to user's document on Firestore.
I have developed an android "Group Chat" app. Me and 20 of my friends are using this app to group chat with each other. When I look at the firebase database, I obviously see 21 users (including myself). However, I can't know whether all of them actually have the app installed on their phones, or some of them have uninstalled it. Is there any way I can differentiate among my uses? Generally speaking, can I "flag" my users as, say, active, inactive, and the like?
What is if you add a timestamp every time a use log in. With this timestamp you can see how long the user not log in and so if he is in active for a long time or not. It's not say if the user have delete the app. It's only a prognosis.
If i understand correctly your question, it can be split in two parts.
First part is whether you want to know if your users are online or offline this could be achieved by an online presence system as described here
The second part is whether or not users have installed or uninstalled your app.
In my opinion easiest way to do this is by using the Firebase Analytics SDK. This way you can check the app_remove stats and whenever a user uninstalls an app, it gets updated in the console under events section.
This will give you how many devices uninstalled the app and some info on country, gender and age of the user but you could couple this with a "last login" timestamp to pinpoint the exact user.
More details along with how to include analytics SDK to your app can be found here
Or you can use the .info/connected to have this functionality in your client code. You can read more info about this here and the sample presence app at the bottom of the page will help you get a grip on how to do it.
One possible solution is to add a flag in the database as the child of the user. This flag will have an initial value of active.
And instead of uninstalling the app directly, you can have a delete account functionality in the app, and whenever someone wants to delete his/her account, it simply updates the flag to inactive in firebase database.
Now you will know actually who is active / inactive.
Im developing an android application for the first time (no prior experience whit coding....). Mainly the app is going to be used at work as a tool for service technicians. The app is almost ready for field testing, but there is one thing i need the app to do before that. I need the app to force the user to log in every time its opened. This is because some of the info on the app is confidential, and only people that currently works for the company is allowed to have this info. Whit firebase i can then block the users that leave the company, or users that are not verified. Currently the users sign in whit google and they stay signed in until they clear the app data or delete it.
I have looked far and wide for the answer to this, but i have only come across different use of timers.
If anyone has a better solution to this "safety" issue, im open to anything.
If you are using Google Sign-In for authentication, there is no out of the box support for forcing your user to authenticate with Google every time they use your app.
This makes sense, because the user is still authed with Google on your phone. A login system only authenticates the user; it doesn't inherently protect data stored on the device. As long as Google has a valid access token, the user won't have to type a username and password again (and simply clicking "login with Google" again doesn't really provide extra protection here).
If your primary concern is blocking access to users who have left the company, you should be covered if you are using Google Apps for your company. If you disable the user's account, their access tokens should become invalid. Google Apps admins can also manually revoke access to specific apps for specific users.
If you don't use Google Apps (e.g. your users are using #gmail.com accounts or accounts from a domain outside fo your control), you might want to consider implementing a list of users allowed to access the application, and verify the current user has access by checking that list via an API call on launch.
If the goal is really protecting the confidential information in the application, you might want to take an approach similar to Android Pay in which you require your user to set and enter a PIN number to access the application. As an added benefit, you can then use that PIN to encrypt any confidential data you are storing locally.
I will suggest you take a look into shared preferences and every time when the user is back into the app you send them to the login activity.
I am building an Android App using the Dropbox Core API.Every time the app tries to retrieve the data from Dropbox, he is presented with the Consent Screen.I want this Consent Screen to appear only once during the login.
Please Help!
It sounds like your app is programmed to call startOAuth2Authentication (or the like) every time it tries to retrieve the data from Dropbox. Instead, you should have your app call it once, and then save and re-use the access token that you get back. The tutorial for the Dropbox Android Core SDK says:
You'll need this token again after your app closes, so it's important
to save it for future access (though it's not shown here). If you
don't, the user will have to re-authenticate every time they use your
app. A common way to implement storing keys is through Android's
SharedPreferences API.