What info i can get from an app and send to service recognize ?
I want to create web service which could recognize user apple id, well in first place i don't now how to get apple ID from app. Maybe someone could help me with this
If this not possible, what would be safe way to for app to communicate with web service? Some how it should recognize the user and let him for example download something.
I don't know if you can get the user's apple ID. What's wrong with the UDID for identifying a user?
You don't want to use the UDID any more since it's going to be fazed out in iOS 5. According to the docs your not going to be able to access the UDID any longer within code, but I'm pretty sure it may not take effect right when 5 comes out since there are a lot of people who were using it (I was using it myself until I heard of this to create an encryption key but now we use a few different items) for similar reasons.
How is each person identified on the server that is connected to your web service? Does each person have their own login name, password, maybe even a unique id that is created for each user? Anyone of those items could be used in your web service requests if you have a setup page that asks them to verify a username and password, then with that initial request you can have your webservice pass back the unique identifiers for that person and save them in the app. Then all the other requests can pull that identifier out of the app and send it along with the request to prove that it's coming from a valid user.
I am just wondering could i use apple ID to identify user ?
I want that one user could log in to web service just from his own phone, and his friend with user name and password couldn't log in and download files from other phone.
I am just wondering could i use apple ID to identify user ?
I want that one user could log in to web service just from his own phone, and his friend with user name and password couldn't log in and download files from other phone.
Well the AppID wouldn't be useful in this scenario since that ID never changes so if the users goes to his friends phone, downloads the app and then logs in he's still going to have the same access as he would have had on his own phone. One thing that you could possibly do for this is to have the app create a random set of numbers and/or characters on it's first launch that will be passed back to your DB and stored as a user key for that associated username. Then if that same person goes to someone else's phone and tries to log in with their credentials then the web service wouldn't respond since the key on the new device wouldn't match the key that is stored in the DB for that users. The only problem that you will have with this scenario is if a user gets a new device, then they would need to contact you to have the key cleared from the db since they own a new device (like going from an itouch to an iphone). This would also be a problem for those users that have multiple devices (iphone and ipad).
Why are you concerned with restricting a user to a single device? It seems to be a bit counter productive to tell a person they can only use your app on one device forever especially for the two reasons posted above (which I would assume is a large majority of people since I have multiple devices myself and have some of the same apps on all of them).
Well the AppID wouldn't be useful in this scenario since that ID never changes so if the users goes to his friends phone, downloads the app and then logs in he's still going to have the same access as he would have had on his own phone. One thing that you could possibly do for this is to have the app create a random set of numbers and/or characters on it's first launch that will be passed back to your DB and stored as a user key for that associated username. Then if that same person goes to someone else's phone and tries to log in with their credentials then the web service wouldn't respond since the key on the new device wouldn't match the key that is stored in the DB for that users. The only problem that you will have with this scenario is if a user gets a new device, then they would need to contact you to have the key cleared from the db since they own a new device (like going from an itouch to an iphone). This would also be a problem for those users that have multiple devices (iphone and ipad).
Why are you concerned with restricting a user to a single device? It seems to be a bit counter productive to tell a person they can only use your app on one device forever especially for the two reasons posted above (which I would assume is a large majority of people since I have multiple devices myself and have some of the same apps on all of them).
Because i am going to sell music, newspapers and user could download them in app for a fee first time and if he already bought it and deleted from app he could download same music or newspaper for free because he already bought it. For that reason i can't let that he could with his user name and password to connect from other phone, because he could download that music and newspaper to his friends. I thought about that solution my self, but there is a problem because if he lost his phone or have multiple then he would contact me. But if there is 1000 people and they will contact me every time when they go to there friends and lie that they change phone and will download all files for free to friend. Will go back home and again contact.
Apple ID in app
Linear Mode
