I have an Android game and I want it to store data - say a high score for example - against each user on a server backend.
Here's a list of outrageously demanding requirements! It's unlikely any solution can meet all these demands, so I've changed/prioritised them:
Minimum/very easy server and client code
Free/cheap
Automatically scalable and no/little server maintenance
As secure as possible with minimum code
Seamless - no user action required to authorise/choose anything
I know about Parse, and that seems the easiest option but I'm concerned about the future cost and would prefer more control so I'd like some alternatives.
AWS seems a lot of effort, although it handles secure anonymous authentication fairly easily and well.
App Engine would be great if there was an easy way to secure requests without requiring the user to login or authorise app engine.
So... I want the seamlessness of Parse, the security of AWS, and the auto-scaling of App Engine. Also the ease of use/coding of Parse. Fingers Crossed. :)
Thanks
My advice: use Parse, but create enough abstraction/encapsulation in your models so that swapping Parse out for another service won't be so painful. But seriously, I don't think Parse will get expensive (or even not-free) until your app is seeing very high demand. Furthermore, the Parse guys seems pretty committed to openness: you can export your data as a CSV and they have a REST API so any type of program you write can access the data.
If you're determined to roll your own, I'd recommend creating a Rails back-end with Heroku. Piggyback SSL is free, HTTP Basic Auth is really easy in Rails, and the entire stack will play nicely with whatever db you'd want to use (I'm assuming NoSQL since you want flexibility).
Any PaaS that supports SSL and a dataabse will probably do. Estimate your traffic, data storage and processing needs and pick one that is cheap enough to get started. App Engine is going out of beta soon, and the pricing model will be changed, so if you want autoscaling you'll have to pay for it.
What exactly is 'secure anonymous authentication' and how does AWS support it?
Related
I am taking a drive into GTFS (and only a couple months into learning Android coding). I signed up as a Developer for my transit system and received a key for their GTFS data download.
However, they require that you download the GTFS data to your own servers rather than pointing your Android App directly to their servers to get the feed. Basically, I need to accomplish the below.
Their Servers ---Data---> My Server ---Data---> My App
My app will have all the tools to read/manipulate the data so the My Server part should do nothing to change the data.
I've looked into services like Amazon Web Services which has a free tier but not sure if that is what I need. Also, if it is what I need, then unsure of how to tell it to get/store the data from the transit system's servers.
Appreciate any help!
One of the easiest ways to get started, if you want to host your own server, is to use node-gtfs. However it is not the only way.
The shortest learning curve would be to use one of the two services that host transit data and provide APIs that you can use to build your own app:
Transitland
TransitFeeds.com
There are also a number of other libraries/tools/servers in other programming languages (depending on what you are comfortable with and what your goals are). OneBusAway is probably the most robust but unlikely to run on the AWS free tier. A good list of the others can be found here.
I am developing a voting application based on Android. This app will be used to create user accounts, receive notifications and caste vote.
I want to develop a back-end server for this application which will also have an Administrator interface to create new voting events. I want to know what all options I have to implement this project.
The server must maintain user account records in a secure manner, send out one-time-passwords from email, have sessions implemented for users logging in from the Android App, send out notifications about upcoming events to the app.
What back-end technology, database, parsing(for communication between server and android application), encryption(for secure communication) should I use to make this possible?
I also want to know how would I be able to host this server, both on a local virtual machine as well as on an online hosting.
The scope of your project is far too large if you're wanting sessions, administration views, E-mail integration, encryption, etc., without even knowing how it would all interact, or even what language to use.
As for what languages / services you would need, it varies for each task:
For administration views, you're probably looking at either ASP.NET or PHP with a CMS.
In terms of security, you'd want either MySQLi, or preferably, PDO. Make sure to read up on how to prevent things like LFI, RFI, SQLi, and XSS if you want semi-decent security.
Both ASP.NET and PHP can handle sessions, and they're fairly easy to understand in either language, so that wouldn't be too much of a concern.
While you can send out E-mails directly using scripts like PHP's mail() function, you probably want a system that can easily monitor things like how often users click on certain links, where the people who click the links are located, what campaigns are most effective, etc. For that, you'd want a service like MailChimp, Marketo, or Pardot.
As for how to have the back-end interact with the front-end, you're working with Android, so you're probably working with Java. That means you would be limited to functions like HttpMethod. Having said that, you can create plain HTML applications, or use a service like PhoneGap. In either of those situations, you have AJAX at your disposal, which will make things a lot easier.
For hosting, simply do a Google search for 'web hosting service'. There's literally thousands of decent hosts. Some have better pricing than others, but some have better features. I can't really recommend any brilliant ones, as they all meet different needs. To host locally, you'll want either IIS, or WAMP / LAMP depending on whether you are running Windows or Linux.
If you're not familiar with almost every term that I've mentioned, then the scope of your project is too large, and you'll definitely want to scale back.
I don't mean to scare you off, just making sure you're aware of just how difficult it would be to put all of that together :)
Currently I'm in the planning/research phase for a final year college project I will be starting soon.
I want to make an android application focused on GPS/Tracking. The aim is to group together users on different devices. One user can generate a password which then can be used by other users which will then create a group. Anyone in this group can then see each others locations on google maps.
My question is what would be needed to create such an app? I have no experience in android development, I have a basic enough understanding of Java and Python.
From my own understanding I believe I would need Google Maps API, a server and a database.
Any articles/tutorials or advice would be greatly appreciated.
From Android side:
For acquiring GPS location you may want to use GoogleApiClient. This will give you good location results even if GPS won't be available in certain location because it also uses Wi-Fi for localizing and it has some other cool options.
Check out this tutorial:
http://www.androidhive.info/2015/02/android-location-api-using-google-play-services/
To handle connection to the server you may be interested in using Retrofit or at least Unirest. These are libraries which are helpful in making requests to your server.
For map displaying you can use Google Maps or OpenStreetMap.
From both sides:
In order to send something to the server and receive the response you may want to use some serialization tool. Consider communicating using JSON and using for example, GSON for that purpose. There are many tutorials for using this on the web. For example: http://www.javacreed.com/simple-gson-example/
From server side:
Check out Spring Boot Framework. It's really powerful framework. It may be too much for starters but it's good to know it anyway. It will give you a possibility to make server with easy to maintenance code. You can just make a method and annotate it with #RequestMapping("/players").
jOOQ will give you possibility to build type safe SQL queries. Although, it's not necessary to have it, it will make things easier.
Although it'll probably be small application, you may be interested in using some database connection pool. For example: HikariCP
Database: You have to choose your database engine. I'd recommend using PostgreSQL with PostGIS plugin because by using them you can for example, easily calculate distance from one person to another. It will handle the curvature of the earth for you. Generally, it's useful for storing location data.
You can make everything alive on your computer or you can use one of the cloud computing service providers. For example, Amazon Web Services provides EC2 instances and relational databases like PostgreSQL and they give you free tier, so you can use their services for free with limited usage and for limited time. They also are friendly to students. Check out GitHub Student Developer Pack.
I am in the process of developing an app with the help of someone else for a site I am developing. This app being developed will require access to the database on the web server. So my question here is typically I would want to keep my servers access limited to specific IP's however. Mobile devices all have there own ip's from what I hear. So if this is the case I essentially have to open up my database access to allow any inbound remote connection. Which is more than possible, but I forsee a potential security risk with that. namely in the notion of someone attempting to brute force the DB to gain root access or something to the effect there of. With that my question comes down to is there a more secure way of doing what I need in the overall? Is there any methods I can apply that would allow me a little more peace of mind. The DB I am currently using is mySQL, and will generally remain that type til later in the future.
Your concerns about security risks are valid. You should avoid a situation where countless mobile apps are making database connections to your MySQL database. A better solution would be to host a REST API layer in front of the database. This would allow you to control what portions of your database are accessed, but potentially include authentication routines as well. The REST web services you publish will give you the opportunity to produce permitted representations of your data rather than raw access to the data. That means in addition to producing web services, you'll need to develop the app to be a REST client that consumes these services or makes "requests" to them on an as needed basis. Obviously, this requires planning on both sides of development (back-end and front-end).
One possible solution to consider for producing REST web services is here:
http://phprestsql.sourceforge.net/
There are additional frameworks available for PHP, Java, ASP.NET and other platforms.
http://peej.github.com/tonic/
http://jersey.java.net/
Good luck!
Why not access the database via an API and then secure the API? So in essence, you should have a REST(or anything) API on your web server which your mobile application talks to which subsequently talks to the database. Accessing and securing your API will make a more cleaner and leaner design.
I'm currently developing my first Android application and still in the designing stage trying to come up with a solid model.
My application will use the GCal data from a users Google calendar and sync it up with one or more other users to determine common meeting times between all without the tedious back and forth of scheduling over email.
I vision this working by storing each user and their calendar data in a database that will be refreshed daily. When a query to determine the optimal meeting times between a group is issued, I want to select the calendar data of each user from the database, perform the computation to find optimal times, and display the results back to the user who made the query.
The AWS SDK for Android supports Amazon SimpleDB and S3, in which case I would use SimpleDB for my database. Where I am getting lost is using the Amazon EC2 web service in concert with the SimpleDB to perform the computation.
First off, any feedback on my approach and/or design is appreciated.
Second, how does using non-Android, but Java based APIs/SDKs effect applications, or is it even possible to do so?
The API typica for Java looks interesting and useful if it is possible to use with Android for instance.
Thanks!
So, I think its important to note a couple of things.
What you are describing is not an 'android application'. Its a web service application with an android client. The reason I'm being pedantic is that many of the design decisions you need to make are completely besides the fact that your primary client will run on android.
I'm concerned about the viability of storing the users calendar in a non-relation database. I don't know if you've already looked through this, but the problem you are trying to solve (calendaring) seems like it would benefit from the relational benefits of a relational database. For instance, i'm not sure how you would structure for storage the data of past, present and future events/meetings in a non-relational. Its probably possible, but i'm not sure if its optimal. Depending on the amount of data you may also need to consider the maximum record size.
While its true that AWS SDK for android supports writing to S3 or SimpleDB, I think there is a lot to consider. The reason you are confused about the interaction with EC2 is that normally, your EC2 web service will be interacting with S3 or SimpleDB. By using the AWS SDK you can, in theory, remove the requirement for a web service. My main issue with that is that you're now forced to do lots more on each client because there is no common access pattern. Your ios client or web client needs to have all the same logic that your android client has to make sure its accessing your s3 and simple db data the same. If that doesn't make sense i can elaborate.
Using non-android api's and sdks is a mixed bag. Sometimes it works fine if the classes compile to Davlik. If they don't it doesn't work.
One thing I might point out, since you'll already possibly be tied to a Google technology is Google App Engine. The nice part about it is that there is a free level of service which lets you get your app up and running without cost. Based on the technologies you are suggesting, it might be something for you to look into. Other than that, my other strong suggestion is that you focus on building out the web service first and independently of the android client. Take the time to model what the client server interaction would be and move as much of the 'logic' to the server as is possible. Thats what I felt like was missing from your initial description. Where the crunching would be.
my solution is that you use O-O principles. store your db on amazon dynamoDB and then sync user data with the mobile app. then you do processing of the data/computation on the device before displaying the results