1

I want to allow user to be logged in into app based on devices only. Like if user have username and password and he logged in with one device then he could not log into another device unless Admin's permission.

I can go with following things but that is also not usefull in my case,

  1. Vendor IDs :

Erased with removal of the last app for that Team ID.

  1. Advertising IDs :

That is unique to the device but Reset with “Erase All Content & Settings”. Also apple would reject it if I am not using iAd.

  1. Keychain :

I can use keychain to store device Id like password but that will also change once the provisioning profile get changed.

Note: I want user's to be access the app only for the device which admin has given permission. Like once user logged in with one device for next time onward he/she should not logged in with another device without Admin's permission.

Parth Pandya
  • 1,460
  • 3
  • 18
  • 34
  • Apple iOS 7 puts an end to unique device IDs –  Feb 03 '16 at 05:32
  • @Divyesh: Yes I know that but I want an alternative solution. – Parth Pandya Feb 03 '16 at 05:35
  • Check this... http://stackoverflow.com/questions/24753537/unique-identification-of-ios-device-for-ios-7-0-and-above – Sudheer Kolasani Feb 03 '16 at 05:36
  • @Shudheer: I checked this link but it shows Storing in keychain can solve issue but I already mention that in question that what would be the case if we use keychain. – Parth Pandya Feb 03 '16 at 05:48
  • Keychain changes upon changing the bundle id not provisioning . – Shobhakar Tiwari Feb 03 '16 at 06:25
  • @ParthPandya I din't get your question.. is the case only for login. means if user is logged in on one device (not logout) then user can't login on other device ? If this case then you need to send sessionID (sent by server to you in response of login API) sessionID for user is unique. if user tries to login on other device then API should handle this that session for this user is not expire/valid. – Rohit Wankhede Feb 03 '16 at 07:04
  • @Rohit: No I want to make the app device specific. user can login on both the devices at any time but for that he might have to get approval from admin for the second device. – Parth Pandya Feb 03 '16 at 07:08
  • @ParthPandya this might be the solution: storing UUID in keychain. sent it in login API param. check bellow: considering there is no registration process. if yes then it will be too easy. just add one more param with registration API for UUID. and sent it in every login API with other params for valid login. on error basis you can show respective error msg admin permission required or not etc.... – Rohit Wankhede Feb 03 '16 at 07:42
  • 1
    @ParthPandya --- first time login: API param (username, password, uuid) ,, uuid - will be empty for first login, API will allow login, for empty uuid for that user. IMP but only when there is no uuid for that user at server. after successful login, hit another API which with param uuid for that user. also store uuid at keychain so for next login you will have uuid value.-- if user wants to login on other device then for first attempt s/he will send empty uuid but server will not allow login though its empty uuid but it has uuid value for that user. so you can notify admin with this situation. – Rohit Wankhede Feb 03 '16 at 07:42
  • @ParthPandya check this http://stackoverflow.com/questions/7273014/ios-unique-user-identifier/8677177#8677177 – Rohit Wankhede Feb 03 '16 at 07:53
  • @ParthPandya is above information helpful? – Rohit Wankhede Feb 04 '16 at 06:35
  • @Rohit: yes it is kindly helpfull, Thanks a lot – Parth Pandya Feb 04 '16 at 10:19

1 Answers1

0

This might be the solution: storing UUID in keychain. sent it in login API param. check bellow: considering there is no registration process. if yes then it will be too easy. just add one more param with registration API for UUID. and sent it in every login API with other params for valid login. on error basis you can show respective error msg admin permission required or not etc.... --- first time login: API param (username, password, uuid) ,, uuid - will be empty for first login, API will allow login, for empty uuid for that user. IMP but only when there is no uuid for that user at server. after successful login, hit another API which with param uuid for that user. also store uuid at keychain so for next login you will have uuid value.-- if user wants to login on other device then for first attempt s/he will send empty uuid but server will not allow login though its empty uuid but it has uuid value for that user. so you can notify admin with this situation. Check this iOS unique user identifier

Community
  • 1
  • 1
Rohit Wankhede
  • 506
  • 5
  • 15