I couldn't find information on this. I have an iOS app, written in swift. Firebase is my storage and database place. For now, I authenticate my users with email and password (no social media auth). My question is - is it possible after they've created their account to create many sub accounts? And if so, how do I track those (meaning, which is the primary account and how to switch between them - something like twitter and the way it allows to use multiple accounts and switch between them)?
My goal is to allow each user to have/create multiple accounts, make 1 account primary and the rest would be secondary accounts. Not sure if Firebase allows any of this though. I know this is broad description, but I want to make sure that this is indeed possible before I try to do anything like that. Any ideas?
We're developing a Rails app that will serve as a backend for multiple apps. The Rails app will have a web CMS that will let admin users to manage their mobile apps (one admin user can have 1..N mobile apps).
The same Rails app will also serve as an API for those mobile apps. The mobile apps are completely separated one from each others, not sharing any data among them. We have users with different roles (global_admin which manages his app in the CMS, place_manager which manages his place in the app within the CMS, and users of the mobile app). These users are not shared between apps (if a user signs up in a mobile app, he will be able to log in only in that app; so if he wants to log in another mobile app he needs to register again).
Which is the best approach to achieve this? We are thinking about:
Option 1: we can have a single User model, with different roles on different apps (global_admin on app 1, user on app 2, manager on app 3...). If a user signs up for app 1, a record is created, and if he signs up for app 2, we only add a role to it, but he thinks that he created a new account.
Option 2: we can create a record for each user on each app (removing the uniqueness constraint on the email field)
Option X: ideas?
Thank you in advance
The API/API users scenario looks like a situation for multi-tenancy in which each app runs as a separate instance. You can look at something like Apartment for database level multitenancy, or Milia for app level multitenancy.
Database level is generally easier to manage, but you will need a workaround for the global admin requirement.
I suggest the following approach if you would like to use a single rails application for multiple mobile apps.
For users you can have different API returning different kinds of users, specific to the application requirement.
Use STI to differentiate users for each apps(in this way, you could have only a single table for users but different models)
These users are not shared between apps (if a user signs up in a
mobile app, he will be able to log in only in that app; so if he wants
to log in another mobile app he needs to register again).
In my opinion these are three different Rails apps. Obviously the apps have nothing in common, in particular no data is shared.
I think Option 1 would work well in your case. You can setup a has_many :through relationship between apps and users that will contain information regarding the user's role for that particular application (assuming only one role per user per application).
With this approach the workflow would be a bit different than what you describe though. If the user is not registered at all (i.e. no record with that email exists), they will need to signup (email + password) at which point you'll create the user record (with hashed password) and setup the association to the mobile application. If the user IS already registered, you don't want them entering a new password again, you'll simply want to setup the association. This can be handled via first_or_create. Hope this helps.
For an App I'm working on, we're considering part of an organisation's pricing being based on the number of users an organisation has. For this, we'd need some mechanism to ensure that a user's login isn't shared within an organisation.
One approach would be to use UIDevice.currentDevice.identifierForVendor, but this wouldn't allow a user to be signed in with more than one device.
I wondered if there is some way to access an anonymised version of the user's Apple ID, hashed and salted with our vendor ID (and even application ID) so that it doesn't allow for tracking and introduce privacy concerns.
Using this at login would restrict a user account to only be used by devices having the same Apple ID, which would be a good enough protection against account sharing, I think.
If not – any thoughts on how else we might add a per user component to pricing?
Thanks.
I have an existing rails application where the users can register, login and do a few activities. Now I want this to be done through an api so that this it could be used from some kind of external app like for an ios or android application.
I have doubts on how to approach this. I have before created versioned apis and also secured them with the technique of uuids for each user. But here, I already have validations for the user model which validates his email, password and stuffs. I dont think that would be a rightful approach when it comes to the api, specially for a mobile app user to be entering a password to register is not the common practise I think. If some one could suggest an idea where the api could be integrated with the existing application logic and let me know how to bypass these validations, it would be of great help.
I am building a RoR application, and I am trying to develop an invitation mechanism, in which users can invite other users by email.
However, I want that if a user already exists in my users table it will reference to it, or, when a non-existing user was invited and he gets registered, I have a reference to it too.
What is the best modelling schema for such scenario?
Thanks!
Maybe just use
devise_invitable?