How to prevent 2 people from using the same login


#1

Hi guys, i am thinking, in my country is so “normal” try cheat some apps to don’t have to pay to use…

So, my first solution to impossibilite this its a login with a phone number, but i dont know if this are the best way…
So, anyone know how is the best way?

Thanks!


#2

In Firebase, You would need to make a list of each device that the user signs in on, then set each one to true or false. (each app knows its unique device name, whether is be random numbers, letters, or both)

Then when you start the app and log in, it checks for its name, and if set to true, then call log in, if false then don’t. and if you log in and its false, it sets all other devices to false.

Then simply add a listener to the current device, so if i sign in elsewhere, it will sign me out. Like snapchat.


#3

Hmmmm… sorry eoinparkinson… but i don’t understand how it is will prevent not 2 members use the same login to use the app…

But what u recommend? use only the cellphone number to conect or not have problem use e-mail too?
And how to put only cellphone number to conect in firebase?


#4

Hi, Yukold :wave:

For each user, store a boolean tag in their details area named logged.
When a user registers, while u store his/her data, store logged also.

So, if anyone else tries his/her login again, logged tag is true then he is not allowed to take the user’s login.

Hope it helps :wink:


#5

Yeah i think this too… maybe is the best way…

so, how i do this? need blocks in the thunkable or in firebase its possible do this?

My question about login white only cellphone number its possible? i think this 2 way is the best to prevent =)


#6

if a user ends the app, then you cant call sign out.


#7

I not understand yet what i do :question::sweat:


#8

For example, in Spotify, each device is registered. If you create a register for every device signed in on, and on that device save its name. By comparing if the current device name (eg 123) and a tag in firebase called device 123, if its true then call sign in, then set the rest to false. Then that means when another user tries to log in its false and the same idea applies to the current user. Then to have real time sign in and out, add a listener :slight_smile:


#9

Yeah.

How would you get the device ID/Number/Name? :thinking:


#10

Hi Kartik, i never thought this …

I just watch one tutorial to link login with firebase … with email … but i thought how many people will try cheat and i just are thinking how to prevent this …
If the login you need to be using is the phone number, I think it is impossible to share, because you will need (after 24hrs) another sms to login … i will prevent many people in this method …
So i just open a new topic about this to know if anyone knows best method …


#11

You can as of now only get the platform (android or ios) but you do not need to know the device actual name or what platform. You just need a unique ID for it. The other option is, is make a value, and if it is = to the device name then allow login, and if not then don’t log in.

So make a tag called logged and set it to the unique device name.

Now when this device signs in then thats all good. And just add a listener on every screen and log in, if tag logged is = to device name then allow access, and if not return to log in.

If a new user logs in, set the tag logged to its device name, so now it is set as the current user.

This means that for features like in Spotify where you can select devices, can’t be a thing. But it is a valid option, I believe.


#12

I think this is good… but if i can do this and put if are 2 same people using the same login block use the app for 30 minutes is possible too? he show the message “You can’t use the app because 2 people are using and its not allowed, try again X minutes”


#13

I wouldn’t be too sure about that. That sounds like something that should be server side and not client. The fact that you are dealing with time and the app will not be open the entire time, it is quite hard to do times. And you can’t compare the device time compared to the time set in Firebase as a number because of time zone differences and the fact you can manually change a device’s time.

I don’t believe timers work in the background. Maybe there is some sort of API where you can send a time and retrieve a countdown and if finished true? Not something I have looked into I am afraid but I do believe that the sign in and sign out feature will work.

Also a dual sign in penalty might not be fair on the user as they may be logging into a friends device if theirs is out of charge etc.


#14

Well noted eoinparkinson… i not thinked all this possibilities…

well … what do you do now?


#15

Continue with the sign in method that I mentioned, if that is still a plan for you. For the count down, I found this Web API.

TimerCheck

Don’t ask me how I found it, it just came up :stuck_out_tongue:

I have had a rough look through it and I believe you can send a specific time and retrieve a countdown from it :slight_smile:


#16

Excelente!


#17

Nice… i just need now how to work with wep api and try use in thunkable… haha
But thanks!! Its a solution for now =)


#18

I am sure you understand how to use Web API?

If you have any trouble also finding the path to the value you want. Go to the json link of the web api, hit Ctrl+S on your keyboard, then import the json you saved into Firebase. I find this helps to get a better picture to find what you are looking for.


#19

Thanks !


#20

In Thunkable Classic there was an extension to read phone number (and IMEI) so you can pair login data to phone number to prevent multiple access. IMHO, it’s the best way to do it! I don’t know if there is the same function in X, too.

I discourage you to use a logged flag as someone says. What about if app crash or close itself and the user try to login again from the same phone?