0

As I want to implement the login function same as whatsapp . If the user login in one device using (email and password) .The same login should not happen in another device.How to implement this functionality in android

In my application whenever the user login ,the status value will be change as 1 in database, when the same user if login in another device means it will show popup, already exist,If the previous user logout means value changed as 0.

But my doubt suppose if the user as logged in and uninstall the app means again he cant able to login again because the value changed as 1.

For the above situation how to handle.Please someone help me.

pramila10 radhakrishnan
  • 63
  • 1
  • 7
  • If no information comes from the logged-in device for a certain period of time, say 5 minutes; then consider an auto logout and change the value to 0. – Rohit5k2 Jun 25 '18 at 07:42
  • 5 mins means its not good way right.but in whatsapp and all how its working. – pramila10 radhakrishnan Jun 25 '18 at 07:45
  • In Whatsapp, when you set up on a new device, old is removed. It doesn't say anything about the old setup and just sets up on new one and expire old one. – Rohit5k2 Jun 25 '18 at 07:46

2 Answers2

0

I am not sure, but the following idea may work.

As also mentioned here, save every users' phone ID to your DB as well. (I am also adding the code for helping you, but as I mentioned code was written by someone else in the link above)

import android.provider.Settings.Secure;

private String android_id = Secure.getString(getContext().getContentResolver(),
                                                    Secure.ANDROID_ID);

Then, check if the user is trying to log in by using that device which has its ID stored in your DB. If this is the case, directly log in the user. This shows that user deleted the application without logging out.

If the user uninstalled the program in the other device and then enters the application from another device, ask the user to log in again. After user logs in, save the current device's ID in your DB. For security issues, maybe you can store the old logged in device's ID and model and more.

I hope I clearly explained to you the idea. Let me know if that helped or not.

Have a nice week!

Ahmet Batu Orhan
  • 118
  • 2
  • 14
  • I didn't understand your concept, if the user loing one credentials means device id store in db at same time another user also can able to login the same credentials right?,whats the use of storing device id.it will be varying in each device. if uninstalling the app means how to clear the id in db,because again we need to show login page – pramila10 radhakrishnan Jun 25 '18 at 09:46
  • You will store the device ID for deleting the app without logging out. To clarify, think that I am using your app with the username AAAAA, and let's assume my device ID is 100. Now consider that I deleted the app without logging out. When I download it again, you will first look at the device ID. Then you will see that the device id is in your DB and the status of that ID is 1, which shows that user deleted the app without logging out. Now, you can either change the status to 0 and let the user to log in again or directly log in to the previous user, with the username AAAAA. – Ahmet Batu Orhan Jun 25 '18 at 10:49
  • Yes,I have one doubt,how to change the status to 0 again,this scenario will happen at the same time,when another user also trying to loggin AAAAA ,what will happen..If may uninstall the app or another user trying to use same username AAAA.for both situation we need to handle right? – pramila10 radhakrishnan Jun 26 '18 at 06:46
  • Yes.I got it your point,Device id is never change right?I try to implement this function now.Thanks – pramila10 radhakrishnan Jun 26 '18 at 06:53
  • @pramila10radhakrishnan Your welcome. Please update me after your implementation. I am also wondering if that solution will work or not. Have a nice day! – Ahmet Batu Orhan Jun 26 '18 at 07:05
  • Yes sure.We are checking device id and status at the same time, if the person uninstalled, again installing means it will check in db ,device id same or not and as well as status value 1 or 0, if it is 1 and same device id means login accepted, orelse if it is 1 but device id is different means,login is not accepted,because already one person using the same credentials.Really Thanks.Now I'm going to implement – pramila10 radhakrishnan Jun 26 '18 at 07:11
  • Batu.I have one doubt device id should not be same for multiple devices right?In stackoverflow i seen sometimes it will come same,is it possible.I checked in some device ,getting different value. – pramila10 radhakrishnan Jun 26 '18 at 07:14
  • [Here](https://developer.android.com/reference/android/provider/Settings.Secure#ANDROID_ID), it says that Android ID is unique. However, as I understood, it can be changed. Also there is a note in the website says that **if the API is higher than 26 and the app is uninstalled and then reinstalled, the value of ANDROID_ID changes**. It suggests to use [key-value backup](https://developer.android.com/guide/topics/data/keyvaluebackup). It seems like implementing a key-value backup will solve your problem better since it includes not only API level 25 and below but also API level 26 and above. – Ahmet Batu Orhan Jun 26 '18 at 08:24
  • i didn't understand abt key-value-backup,eventhough if uninstall means backup also deleted right?like sharedpreference.can you explain pls – pramila10 radhakrishnan Jun 26 '18 at 11:32
0

You need to maintain session for this. when user logins create and return one sessionId for that user. for all request there after need to pass that sessionId. if same user login from another device overwrite previous sessionId with new one. so that based on that first users request will be invalid. and one user is login on one device only

Manoj Bhadane
  • 607
  • 5
  • 11
  • another user should not login the already using credentials, it should not override,once the old user loggedout means then only the new user can able to logout – pramila10 radhakrishnan Jun 25 '18 at 09:51
  • then there is a case where if user login and uninstall app / lost phone. then with same credential we never able to do login – Manoj Bhadane Jun 26 '18 at 04:25