5

I am implementing the feature of automatically logging in the user in an iOS app. This is easy for a single app as we can persist the username with NSUserDefaults while the password using System Keychain.

Now, I want to do it across multiple apps. In my understanding, we'd need a unique device identifier for this, which we can pass to the server and then use it to activate auto login across multiple apps on the same device. Now since, Apple prohibits the use of UDID now, I am thinking of using the Vendor Identifier which would of course require me to set the Bundle IDs accordingly. Is this the best way possible? Or is there a better standard method that is more effective?

Also, Is it at all possible to have auto login between different devices? Like for e.g. If I login on one iOS device and then open the app in another, I should automatically sign in.

rmaddy
  • 314,917
  • 42
  • 532
  • 579
utsavanand
  • 329
  • 1
  • 3
  • 15
  • 1
    Just save the access data (like the token) in the keychain. Since the keychain can be accessed by apps from the same developer, you can just pickup the login data in any of your apps. **DON'T** ever save the password in the `NSUserDefaults` since then the password is stored plain text on the file system of the iOS device, which isn't a good idea. – rckoenes Jun 04 '14 at 09:03
  • @rckoenes What if someone encrypted the password first and then stored it in the NSUserDefaults?? – Supertecnoboff Jun 04 '14 at 09:08
  • @Supertecnoboff Yes that might work, still the KeyChain should be the place to store these kinds of data. – rckoenes Jun 04 '14 at 09:11
  • @rckoenes Awesome thanks. I have been wandering about this for quite some time. Keychain it is then. – Supertecnoboff Jun 04 '14 at 09:11

1 Answers1

2

To implement login between multiple iOS apps you can use the same App ID prefix in them. It will work because they will share keychain data. Here you can find more details: https://developer.apple.com/library/ios/technotes/tn2311/_index.html

And here the related question: Keychain group access to share data between my existing applications

And about automatic sign in between different devices. I used encrypted iCloud Key Value storage to store login & password between devices. And it worked but not too good. Problem is that first time you start app on new device it will take some time to sync data from iCloud to local storage. And this means that first time you trying to Sign In and may need to wait for some undefined time. In may case it was about 20 seconds. To long for Sign In in a good application :) And of course this require user to be logged in iCloud with the same Apple ID.

ASAIK there is no proper way to implement automatic Sign In from multiple devices. And Apple recommend just to ask for Sign In on every new device of user.

Community
  • 1
  • 1
Vanger
  • 692
  • 4
  • 10
  • 1
    Thanks a lot! Can you point me to a link where Apple specifically mentions to ask for Sign In on every new device? I know this is a very specific case. But I need to exhaust all my options and be completely sure before I can decide scrapping the feature of automatic sign-in between multiple devices? – utsavanand Jun 05 '14 at 10:58
  • I doesn't have exact link with this suggestion. But I the following expirience: we made app with subscriptions via InApp Purchase and send it to iTunes Connect. Apple Review team reject out app becuse of 11.6 from review guides: https://developer.apple.com/appstore/resources/approval/guidelines.html . With the rejection they wrote to us reconmendation to implement Sign In functionality to allow users sync their subscription on multiple devices. – Vanger Jun 05 '14 at 13:19
  • @Vanger instead of storing the user credentials, wouldn't it be much better to store the cookies or the token of the user. – rahulg May 31 '18 at 14:57