I am designing application's functional and structural flow and need suggestion in one condition.
In this application mobile number is a userId of a user i.e. user can register to the app through mobile number and now he/she wants to change the mobile number and want all the data on the current number. So what should be the process to do all this ??
Your suggestion will add value to my thought. Thanks..
Related
I am making a commuting web with vuejs and firebase.
I want to make this:
The boss gives the employee a different authentication number every day, and the employee (user) has to enter the authentication number when pressing the go to work button. (to To make sure he's the one boss hired.)
For this function, I can make this with v-if (v-if code == 123 like this), but the problem is that I cannot edit the code every day. How can I change the authentication number every day without touching the code?
I would also like to create an app that can easily change the authentication number so that the CEO can use it.
Well you can do this,
Whenever the boss sends the authentication number to a particular employee, save that authentication number in firebase under the employee's details as for eg. - "todaysAuthNo: 123456" , when the employee(user) enters the number and press the go to work button then check whether the number entered by the user matches with the number entered by the boss i.e. check whether it matches with "todaysAuthNo: 123456".
Hence, next time when the boss enters a new authentication number it will get replaced with the old number in "todaysAuthNo" and also the user will need to enter the new authentication number entered by the boss to login.
I'm developing an android app which contains registration form also,
Here I want to make user can register only once in the device. and if register again (by clearing data or reinstall) with different mobile number and email id, app should give error message.
I think you need to check IMEI number of device
IMEI number will not be changed if sim card changed.
This alone cannot be achieved on mobile device itself. You also need to maintain server which keep the identity of device and user mobile number together. device identity can be combination of IMEI and device id
When you try to register, you do all local validation on client but ultimately 1 network call is must to register, for this send device_id and newly registered number.
Next time when some user tries to register with new number from same device, u'd already have this information on server, server can respond back telling, hey looks like this mobile device is already associated with an number do you wish to use the previous number instead.
In case, user denies, he must be allowed to delete the old relation between oldnumber-current device.
There after he can proceed with the way initially he started to register.
Also this is completely business requirement, whether u want to have 1device-> #numbers or #numbers -> 1device. But i would rather suggest to keep it safe simple and secure with 1device->1number.
For Android Version 6 And Above, WLAN MAC Address has been deprecated.
For uniquely Identification of devices, You can Use Secure.ANDROID_ID.
And we don't need any additional permission to retrieve Android ID.
you can get Android Id like:
public String getDeviceUniqueID(Activity activity){
String device_unique_id = Secure.getString(activity.getContentResolver(),
Secure.ANDROID_ID);
return device_unique_id;
}
You can do this by below approach.
On sign up, get user device IMEI number as well and store on server database as well.(In this step make sure that user that IMEI number does not exist)
So basically on barlcays uk app you can have a button to direct call them from within the app.
The phone number is just a normal number +44 333.... doesn't seem to include any personal information or token about me/app.
So from the app it makes a call to this number +44 333... and I don't need to provide any information about me.
But if I call again the same number without the app I need to answer security questions.
So how do they do it? based on my current number and a small time interval?
I am developing android application in which want to keep track of online users.
When the user install the app, he gives his number and country code, we register the user with that number.
Now whenever he starts the application he sends the list of all mobile contacts to server to find who is online.
The problem with this approach is same mobile number can be in different format like
+91 9665123456
91 9665123456
0 9665123456
9665123456
Lets assume while registering the user A gave number +91 9665123456 and we register the user and make it online whenever the app is running.
But in user B mobile, his number is stored as 09665123456, I need to query whether user A is online or not, but as both number are different what approach to use ?
I am not sure how whatsapp approaches to this problem?
The other way what I can think of is using libphonenumber to find the number match but it also gives probability.
Is there any other approach which is recommended to handle above scenario ?
I would suggest a below approach:
1, Your server should have a list of country codes and the corresponding number of digits allowed for a mobile number in that country
2, When the registered user A , comes online and sends his contacts to your server for the first time, you can check a contact by starting from the left end of the number. If you see a international prefix 00 or +, then take the first digit from left, identify the country code and if the remaining number of digits to the right match the defined number of digits for this country , scan the list of users registered with that country code to see a match. If no, then take the first 2 digits to see for a possible country code and check similarly.
Now if you dont see any international prefixes in a contact, that means the contact is in the same country as A and so you need to scan the list of users registered from the same country after taking the last certain number of digits as required for that country code.
3, It will be better if you generate a unique id for a each registered user which can be used as a primary key for a user database. This will eliminate the need for detailed scan for repeat users. For eg: let A have an id 123 and B have an id 456. When A logs in, set the online flag for A , then search for B and if B is already registered, then add B's id 456 to A's friends list along with corresponding number stored by A. So next time when A comes in, you will see that contact B has a unique ID assigned and so you need to go check if the online flag is set for this ID. Also this will be useful even if a user changes his/her number
I had a similar issue while developing an app. What you can do here is, to check the input for special characters, and also take the size in account. Remove the spaces, and store just the last 10 digits. This can be achieved by trimming and subString operations, if the entry type is a string. Then comparison of the two strings should result in a desired manner.
as per my suggestion
==> first of all you remove all space in your number using replace(" ","") function,
==> then use query for match last 10 character so its give you mobile number which you have want to find is there online or offline from users Contact book.
The set-up:
I have an android application that so far can register a user by inserting values into a remote mysql database. I'm now trying to implement the log in.
I was thinking that I can add a "logged in" column to the user table in the database that would store whether or not the user was logged in. Then I would have a trigger that would log the user off after a certain amount of time has been elapsed.
The application's use is to retrieve files based upon if the user has access to a certain file. For this I have an "access" column in the user table table specifying the access a user has to a certain file. I was thinking that when a user clicks an item in a list the application would send their login information and the server would determine if the information was correct then check to see if they had access to the specified file then send back the file if the information is correct.
The problem I'm having though is that checking the registration information takes about 2 seconds alone(due to connecting to the socket and sending a string over the network) and if I try to check both the login and the access id it would take slightly longer.
I feel as if I'm trying to reinvent the wheel but I can't find any viable resources on this matter. Criticisms? Suggestions?
(I wouldn't mind doing a complete redesign I just need to know where to start)
Never connect a client to a db-server. There's no way to intercept hacking attempts, because privileges are very basic (SELECT, UPDATE, etc., they ignore the query):
UPDATE users SET name='%s' WHERE userID=%i // where %i will be defined as the real userID
Above should be a valid query to update the user's account-information, however, a hacker can easily intercept this and change it into:
UPDATE users SET name='%s' WHERE userID=15 // ... or any other variable
Instead, you should create a web based API which will validate each query, or better, support only specific API-commands:
account/update.json?name=%s