Android Firebase: Prevent The Sharing Of Account On More Than One Device Issue
I am trying to manage users in my firebase app in a way that one account wont be able to be accessed on multiple devices at the same time, but I found a problem in this method:
The way that I am trying:
1) UserA signs in with email ([email protected]).
2) Database is updated to show that ([email protected]) is logged in by device id.
like this:
Users
|
|UserA_uid
|--------device_id= "A_CERTAIN_DEVICE_ID"
3) UserB attempts to sign in using ([email protected]), during that I overwrite the device_id of the userA_uid according to the account.
4) UserA listens to the change IF HE/SHE WAS CONNECTED TO THE INTERNET, and according to the device_id change I sign userA out of the app.
5) and so on.
Now All of the above seems to be a clean solution, that allows one account to be opened only once at a time (By kicking off the other user).
Problem:
I noticed a problem while testing, and that is:
If users are clever enough,they will do this:
1) UserA signs in with email ([email protected]).
2) Database is updated to show that ([email protected]) is logged in by device id.
like this:
Users
|
|UserA_uid
|--------device_id= "A_CERTAIN_DEVICE_ID"
3) User A shuts the wifi or internet off.
4) UserB attempts to sign in using ([email protected]), during that I overwrite the device_id of the userA_uid according to the account.
5) User A never listens to the change, because he/she is not connected.
6) I end up with user A and user B logged in.
If you are wondering (my app works offline).
Question:
Can I manage to solve this issue?
Thanks.
Answer
I thought of a solution. Check that if it works for you -
1) UserA signs in with email ([email protected]).
2) Database is updated to show that ([email protected]) is logged in by device id. Let the device be A1.
like this:
Users
|
|UserA_uid
|--------device_id= "DEVICE_ID (OF DEVICE A1)"
3) And when UserA log out from the device (A1), then you should set device_id to be null as -
Users
|
|UserA_uid
|--------device_id= "null"
4) When UserB attempts to sign in using ([email protected]), then you should fetch the device_id of device (say B1) and you shoud check if device_id (A1) (already existing device_id) is not equal to device_id (B1) (new device) means user has logged in certain device A1. And you should show a message that you are already logged in. And also check if device_id == null means UserA has not logged in any device. So he should be able to log in a device say B1, which will update the database as -
Users
|
|UserA_uid
|--------device_id= "DEVICE_ID (OF DEVICE B1)"
EDITED
One solution could be create a broadcast receiver in an app for listening the action "android.intent.action.QUERY_PACKAGE_RESTART" and match the "package name" in onReceive() method, if matches start a background thread that monitors the foreground running activities using ActivityManager.
When you found foreground activity to be "com.android.packageinstaller.UninstallActivity". It confirms that user wants to uninstall our app. Then start a activity that ask user to logout from the app. Also ensure mobile is connected to internet at this point of time.
Related Questions
- → should I choose reactjs+f7 or f7+vue.js?
- → Phonegap Android write to sd card
- → Local reference jquery script in nanohttpd (Android)
- → Click to navigate on mobile devices
- → How to allow api access to android or ios app only(laravel)?
- → Access the Camera and CameraRoll on Android using React Native?
- → React native change listening port
- → What is the default unit of style in React Native?
- → Google play market autocomplete icon
- → Warning: Each child in an array or iterator should have a unique "key" prop. Check the render method of `ListView`
- → Using Laravel with Genymotion
- → react native using like web-based ajax function
- → react native pdf View