How to verify ownership of device

Is there an implicit way of getting the user to sign in to the device again to prove authenticity?

e.g. password to device, or fingerprint (if applicable)

1 Like

i did not understand from your topic name but from post i think you told how to make them sign in again… if yes then just make them sign out and again sign in

my question was refering to the same type of authentication a banking application would use instead of a PIN for ease of access, very sorry to confuse you :slight_smile:

If I understand you correctly, you want you app to timeout if the user has not been active for a set period of time.

There are a few approaches that come to mind with Thunkable, none of them clean or easy.

At the most basic level, you could create a function to check the last time the user performed a “valid” action. If the elapsed time exceeds a certain threshold, (5min), reset the user password and navigate to the sign in screen of you app. You can measure the time elapsed using the SECONDS SINCE 1970 block in the device section. If the timeout period has not expired, reset the last valid action time to the current time.

You can now add this check function as the first action in all of the click events of your screen.

1 Like

It would be nice if our signin block had “check if refresh token is valid” and the ability to set the duration of time passed for timeout.

3 Likes

Oh, I was thinking in a totally different direction. I thought a kind of device ID is required like IMEI so the app can determine that the user is logging in from the same device.

Maybe I understood it wrong.