I have a Flutter mobile app which uses Firebase Authentication and FireStore. Each user has a profile and setting stored in FireStore.
I must have 3 streams for Auth, Profile, and Settings. When the user starts the app, I need to check the Auth stream to find out if the user is authenticated or not. If the user is not authenticated, I will show the Welcome scree where the user logs in or create an account.
On the other hand, if the user is authenticated, then I need to check the Profile stream to make sure the user does have a profile. If the user does not have a profile, then I will show the create profile screen.
In addition to the Auth and Profile streams, I need to load the Settings screen before sending the user to the home screen. So if the user reached to the Home screen, all 3 streams must have data in them.
If I only have one stream (Auth), then I can handle this. But with 3 streams, I am not sure how to handle this using RiverPod.
Any body can point me in the right direction? Thanks in advance.
Related
I would like to know if there is a way to find out before I send the authorization request if a user is signing up to my app with Apple for the first time, or if he/she is already registered and just signs in.
Basically I have a registration screen in my app, where a user can create two types of users and a login screen where both users can log in. I would like to keep the registration and login separate, so for that I need to know whether its a first sign in with apple.
I'm not sure what database you're using but for Cloud Firestore there is a Sign-in method that can be used with Apple.
I'm creating a book library app, where people buy an account and become able to read all the books...
In the past, we were able to get the UDID of the iOS device and the login only works from this specific UDID.. now apple prevents this, another solutions were there like OPEN-UDID but now doesn't work...
Are there any other means to prevent the user from giving the credentials to another people??
The only solution on top of my head now is this :-
When a user login, a flag on the server becomes true, and when another account try to login using the same credentials, it will show an error message "you are already logged in on another device".. when the original user logs out, the flag becomes false.. this will prevent the account from being used on multiple devices at the same time.. but the drawback is, what if the user unInstalls the app without logging out?
Is there a research on this topic that covers all these scenarios?
Is there a way to use apple keychain or iCloud or any other solution ?
What you can do is on new login invalidate api request(and send them to login screen) of previous login you can use device token with each api to check if you want to send data to device or it's a old login token and needs redirect to login. you have to just store a device token for each account login if it matches then send data else redirect to login
Edit 1:
if you uninstall the app then you have to login again from other device to access the books(data) and in each login you'll replace the old token with new one. Now only device which has this new token can access books. All other device if there are any login left in any device then they will get message from API that token not matched and you have to redirect them to login page again
I am working on an app idea and I am curious if a procedure I am thinking of will work.
When a user opens my app he/ she should login with his Facebook credentials and confirms to some permissions. Then a second user should login with his/ her credentials and confirms to the same permissions.
After the two confirmations I would want to save both credentials (and access tokens?) for future use of the app. So every time the app starts, both users get verified with their Facebook accounts and the app gets activated and can be used.
If I understand the Facebook iOS API correctly, it is not possible to login two accounts at once. So how do I:
Start app
Login user 1
Save name and gender for user 1 in a dictionary (do I need to save username and password?)
Logout user 1
Login user 2
Save name and gender for user 2 in a dictionary (do I need to save username and password?)
Logout user 2
Activate app
Above procedure should run every time an app starts.
I looked at the example app with the iOS SDK (SwitchUser) but I just do not understand where the access tokens are saved and how they can be accessed/ used to accomplish above described procedure.
All the help would be appreciated! Thanks!
I am developing an enterprise application which has user authentication which will be validated at the server side whenever user tries to login through web-service.
I have got a requirement to use iOS touch id for authentication as Apple released the API for 3rd party apps from iOS8.
I could able to find the tutorials on How to use the Touch ID for local authentication, but I am not able to understand how to map my user credentials with the Touch ID.
The exact requirement is user should be able to login to the application with Fingerprint Scanner i.e. using Touch ID but the backend validation should also happen.
How to map the User credentials with the Touch ID finger print? is it possible? if YES, where to store the mapping on local or server side?
Could anyone please help me to understand/implement the same.
Thanks in advance.
Working with TouchID is very easy, For your cases, There is two ways to authenticate user:-
Assumption:- When user is login, we are on application end storing secret token which helps us to validate user.
Using TouchID(iOS 8):-
Using Touch ID, we will get success call back from LAContext user authentication methods if user fingerprints are valid. After that we can acknowledge server directly if required & no required to validate user on server as it is already validate them self using fingerprint scanning.
We must be need to handle authentication fallback mechanism to handle such scenario like "failed to detect finger prints, etc.", In that case we need to authenticate user using Custom PIN or Device Passcode.
Custom PIN/Device Passcode(iOS 9):-
We can either user Custom PIN or Device passcode to authenticate user.
If we are authenticate user with Custom PIN than we required to store user authentication PIN on server & authenticate user every time when access application from background.
If we are authenticate user using Device Passcode(iOS 9), When user enter correct PIN, we will get success call in LAContext user authentication method. After that we can acknowledge server or directly give application access to user.
I got the SSKeyChain working and tested that what is retrieved is same as what was previously stored. I am conducting all of this in the login action when user presses the button. I want to know if what I am doing is correct or not (illustrated in steps below):
User launches application for first time, landing page has creating account or logging in.
User provides logging in credentials and presses the button
In the body of the action, I take the parameters query database (HTTP) and if response is valid, user proceeds. If not, user requested to re-enter credentials.
Once and if user login successfully, I will use SSKeyChain to store his credentials (but what use are these credentials for me in the future?)
What I am really asking is: what is the use of SSKeyChain in above scenario? Also if the user login successfully, where am I going to store his credentials (is it via SSKeyChain) so that next time he will skip the login screen (like facebook, twitter apps).