I'm working on an app that will be published on the Google Play store when finished. However, my company doesn't want everyone to be able to use the app, so they've requested that I protect it with a password so only our employees can use it. How do I make it so that my app requires a password the first time it starts only?
You could store a shared preference that shows whether the app has been opened or not. The first time the user puts the password in set the flag and then check it in your onCreate method.
Authentication is a very wide subject and I would suggest you start familiarizing yourself with it before starting implementing anything. (just a starting point...)
As for the general idea, You can use Shared Preferences to save a flag that the user has authenticated. Every time your application starts, you check this flag. If the user has never authenticated himself, you present a Login screen.
Once the user gives the proper credentials, you update the flag and indicate that the application shouldn't prompt the user with the Login screen anymore.
Related
Im working on a project where a user isn´t forced to sign up a account.
My plan is that a user could do anything like a user that is registered except for a few exceptions.
I implement a like function which saves the users behaviour on a webserver and later when the data is fetched again it recognized if the user liked something or not. My problem is that I have to save this informations also if the user isn´t registered to my application. A User should be free to decide wheter the user likes to sign up or not and isn´t forced to be a registered user.
I found three different way that could work!
1. Option
First option would be the accountmanager but I don´t like this option at all cause I have to ask for the contact permission and also ask which account a user want to use.
2. Option
A other option would be if a user starts the app for the very first time the app would call a server which creates a random unique code and send that code to my application to save it as key for the users actions which is saved on a server. But that also doesn´t seems to be a good solution for my problem.
3. Option
The last option would be oauth but for now I don´t know if and how it would be the solution to my problem!
I would be thankful for every answer!
I have worked on a comic app that requires saving the user subscribed channels, genre or comics and save the likes/dislikes for the same. User can be subscribed to push notification too.
For this, we used Firebase Authentication (anonymous signup). And to save the user subscription information, we used Firebase Firestore.
And followed the below approach.
As soon as the app opens, check if the user has already anonymous SignIn. If it hasn't, signUp silently.
Add a listener for user push notification token change. And update it to Firestore by anonymous user-id as key (We did same for storing other information too).
I think this approach would help to solve this problem.
You could use firebase auth for that!
Usually, you would use it with email & password or google login but it also has an anonymous login feature that should save the user's phone.
There are few techniques. It depends on whether you want to recognise a user between installations of app. If you are OK to lose a user on reinstallation you can use Firebase installation ID and link users behaviour with this id. If you want to remember users even between installations you can use unique to each combination of app-signing key, user, and device Secure.ANDROID_ID(more info about ids). But still the best way is implementing your own signing in or using of AccountManager.
I an working with an app, where user get a gift on first start of the app.
User doesn't have to register an app.
I need to remember, if the user have already used the app or not.
If I use shared preferences, a database, a file to store flag about user's first using, they will be deleted after the app removing or after data clearing.
How can I persist an information about user's using of the app and don't lose this information after app deletion/data clearing?
Google states in the documentation that "when the user signs out, call CredentialsApi.disableAutoSignIn() to prevent the user from being immediately signed back in (...)".
This is what happens:
User only has 1 credential stored. When he enters the app, he is automatically signed in;
User signs out, and CredentialsApi.disableAutoSignIn() is invoked;
Now, every time the user enters the app, instead of being automatically signed in, he is presented with a chooser, although the chooser only has 1 option, for the only credential stored.
This is very, very annoying. If the user logs out, he shouldn't be bothered every time to login again. Even if he has more than 1 credential. But, for the time being, let's focus on the case where he only has 1 credential.
Is this the expected behavior? I'm pretty sure that when I tested this feature in January, it wasn't like this. Now I'm putting this feature into production, and if this is the expected behavior, maybe I have to
store a flag in the shared preferences for detecting when the user logged out.
The request credential feature is in the main activity of the app, and every time I go there, the dialog chooser appears to request the login.
Unfortunately, you'll have to maintain user state in your app (we haven't made any changes to this behaviour recently, it's always been like this).
If sign-in is optional for your app, here's what we've seen some apps implement:
keep track of whether this is the first run on the device (e.g. in shared preferences), if so, trigger sign-in automatically and show the picker, allowing the user to sign in with one tap if the auto sign-in is disabled or they have multiple accounts
on subsequent app starts, you can still try for automatic sign-in (e.g. after user signs up on web or another device and then opens app), but don't resolve the result if it's not the first run (i.e. don't show the picker, just discard the Intent for resolution or hold it for later)
if the user explicit triggers the sign-in action (i.e. clicks a sign-in button), you can use the intent, or call the API again to help them sign back in to their account, or switch between accounts
Sorry, this requires a bit of state on your side; the CredentialsApi.disableAutoSignIn() sets the sign-in disabled state, but does not track the user's signed-in state to the app (which is dependent on the application developer's logic and has to be managed by the app).
Hope that helps / makes sense, feel free to leave comments. Will see if we can add some guidance to the docs for this!
Is this possible?
Think of the following scenario.
User A logs into device and fires up your app, doesn't like certain features, so turns them off.
Profile is switched to User B. They fire up the app and love all the features that user A didn't like, so they switch them all on.
Is there a way that the profile can be switched back to User A and all the features that user wanted are still switched off? (And on when user B uses the device)........?
The reason I ask is because I'm using local flags to determine if a user has unlocked (Google Play Games) achievements, so if the user reaches the goal, the flag is set like so:
if (!score100_AchievementUnlocked)
if (score>=100){
unlockAchievement(Score100);
score100_AchievementUnlocked=true; //Don't check this any more
}
I'm then saving score100_AchievementUnlocked in sharedPreferences so that we don't keep sending API requests to Google Play Games when we no longer need to.
However, if another user then comes along and plays the game, as things stand, they will never be able to unlock the achievement because the app will never check it (as score100_AchievementUnlocked will be true).
So I'm wondering if I can detect who is the active user on a device and have them use their own sharedPreferences.
You may want to make profile system into your application.
Just concatenate username and every preference to use them as the key for Sharedpreference system.
Then, let the user choose theirs favorite profile to retrieve theirs configuration for the application according to the chosen profile.
Please let me know if you get the idea, hope it help or if you need more information.
Sincerly yours.
I need to write a application which has login functionality. It needs to have user name and password. Once a user logs in I need to switch to an activity that displays data from a REST API.
However I want to know the right way to implement this. I'm thinking that if I login and switch to the next activity, then the first login activity should no longer be reachable unless user logs out. Also I'm thinking that the data activity should not be exported and login might (?) be exported.
Can anyone suggest the right way to implement this ?
Your suggestion is one way to approach this, but it's a bit "brute force".
Is there a reason that users have to log in each time they use the app? Why don't you store the credentials, at least as an option (that is, provide a "Remember me" option?).
For example, the only way to use the Gmail app is to add your Google account credentials first. Once you've done that, you no longer have to provide your email and password when you look at mail. The Gmail app assumes that you've protected access to your phone.
Remember that, for a mobile device, entering text is tedious and error-prone. On the whole, it's best to do it once and store it securely.