I am building an Android App using the Dropbox Core API.Every time the app tries to retrieve the data from Dropbox, he is presented with the Consent Screen.I want this Consent Screen to appear only once during the login.
Please Help!
It sounds like your app is programmed to call startOAuth2Authentication (or the like) every time it tries to retrieve the data from Dropbox. Instead, you should have your app call it once, and then save and re-use the access token that you get back. The tutorial for the Dropbox Android Core SDK says:
You'll need this token again after your app closes, so it's important
to save it for future access (though it's not shown here). If you
don't, the user will have to re-authenticate every time they use your
app. A common way to implement storing keys is through Android's
SharedPreferences API.
Related
I am rebuilding an Android app and want to authenticate users only once (the very first time they use the app). From that point on, I would like for users to be saved to the db so they can have quicker access to their account without having to sign in every single time they use it.
Thank you!
Im developing an android application for the first time (no prior experience whit coding....). Mainly the app is going to be used at work as a tool for service technicians. The app is almost ready for field testing, but there is one thing i need the app to do before that. I need the app to force the user to log in every time its opened. This is because some of the info on the app is confidential, and only people that currently works for the company is allowed to have this info. Whit firebase i can then block the users that leave the company, or users that are not verified. Currently the users sign in whit google and they stay signed in until they clear the app data or delete it.
I have looked far and wide for the answer to this, but i have only come across different use of timers.
If anyone has a better solution to this "safety" issue, im open to anything.
If you are using Google Sign-In for authentication, there is no out of the box support for forcing your user to authenticate with Google every time they use your app.
This makes sense, because the user is still authed with Google on your phone. A login system only authenticates the user; it doesn't inherently protect data stored on the device. As long as Google has a valid access token, the user won't have to type a username and password again (and simply clicking "login with Google" again doesn't really provide extra protection here).
If your primary concern is blocking access to users who have left the company, you should be covered if you are using Google Apps for your company. If you disable the user's account, their access tokens should become invalid. Google Apps admins can also manually revoke access to specific apps for specific users.
If you don't use Google Apps (e.g. your users are using #gmail.com accounts or accounts from a domain outside fo your control), you might want to consider implementing a list of users allowed to access the application, and verify the current user has access by checking that list via an API call on launch.
If the goal is really protecting the confidential information in the application, you might want to take an approach similar to Android Pay in which you require your user to set and enter a PIN number to access the application. As an added benefit, you can then use that PIN to encrypt any confidential data you are storing locally.
I will suggest you take a look into shared preferences and every time when the user is back into the app you send them to the login activity.
I am working on an android App where I need to keep user activity log of the logged in user.
Suppose if I like one page of the app, it will show in the user activity log section.
Please help me how to do that?
If you have multiple users logging into the app then you need to design a database based on your requirements and put that database in a remote location so your users can access it from anywhere. You can either buy your own space at a hosting site (you will need to interface your database to app manually) or use a web database service like Firebase, Cloudboost, etc. (their SDK will allow you to interface app and database, hence integration should be easier).
You need look at your needs and budget as some of the above services may not be free and I suggest you do a thorough research before selecting one.
I am implementing a pure Holo Soundcloud app and I would like to avoid having to authenticate the users as soon as they open the app the first time.
This kind of connection wall puts off a lot of users that simply close the app and never open it again.
Since I need an authenticated user to interact with the Soundcloud API, can I create a 'dummy' account used by all my users until they authenticate ?
This account would be able to consult the list of hot songs and use the player, but unable to share sounds, like a track or do anything else that suppose a real user account (and be presented with the connection screen instead).
Is it something possible with the Soundcloud API or will I encounter a limit (for example on the number of people that can use the account at the same time) ?
You don't need to be authenticated to access much of the API. Only the actions you'd expect, actually: things like getting the current user, their current tracks, editing, favoriting, uploading etc. Getting hot tracks, playing tracks, finding all the tracks and playlists of a user, etc, don't need any authentication.
Following are my problems:-
Is it possible to get the list of applications that a user has installed, against their google account through Google Play, programmatically through the use of any api?. Please note that I am not asking about the list of apps currently installed in the device, but ones that have at some point been installed.
I need a solution to the above as I am thinking of a scenario in my app, which is:
I want to give my app to the user for free during the first three months, after three months if user uninstalls the app and then installs it again I want to detect through any api (from Google Play) that the user has installed the app a second time (and should not get any free usage). Please note that I don't want to use any web service to store the account id & device id of the user at my side.
For option 2, you can create a file on the SD card. This will remain there when the user uninstalls/installs. But the user can always delete your special file. Unless you do something at your side, you are never sure if the user already used your app before.
To be completely sure, store it online:
You will need to have a very simple database which holds a list of device_id that installed your app.
Further more a webpage which fills this database.
In your app you download/open this webpage which the webpage will fill the DB.
App > WebClient (or other) which opens http://www.example.com/registerDevice.php?device_id=. The php site fills the db.
You app will need to check the database if the current device already has installed this app inorder to work/not work. You can do this via the same php and check the response. You could for example return 'ok' or 'not ok' or something else.
The simplest method is to get the account of the user the first time he/she runs the app, and send that detail over to you.
How this is can be done is well-documented over here: How to get the Android device's primary e-mail address
You will have to add another line of code to check back to the database at the first start of the app.
EDIT: For a non-web solution, simply add a timer to the start of your app:
schedule(TimerTask task, Date when)
the task should be adding a token AFTER the period of time you wish to give, to the phone's memory with the user's account details for authentication (see first solution on getting the account details)
Finally, as above, add a check-back to the phone's memory for that particular file to see if the user has used the app before.
The problem with any type of authentication that is based on the phone's memory is that people can easily remove the token, if they can find it, and reuse the app again.
Try this device specific implementation:
PackageManager packageManager = getContext().getPackageManager();
List<ApplicationInfo> applications = packageManager.getInstalledApplications(
PackageManger.GET_UNINSTALLED_PACKAGES);
// retrieves some information about all applications (even uninstalled ones)
// which have data directories
Of course this method won't work if user replaces the device. But you don't need to use any web service.
You can use this by keeping a database of hashed device id and users google id on a 3rd party server.
Also see http://android-developers.blogspot.de/2011/03/identifying-app-installations.html