发表新帖
发表新帖

Firebase : Prevent same account on multiple devices

后端 未结
关注
2 1050
孤街浪徒
孤街浪徒 2020-12-16 04:00

I\'m working on an angular app and I use Firebase to authenticate my users. I would like to know how I could prevent my users to give their account to other people. Also I w

相关标签:
2条回答
  • 暖寄归人
    2020-12-16 04:12
    • Actually, you can't prevent your user to share their account with other people.
    • But, you can make sure your user can only sign in on only one device at the same time.
    • Normally, you can't sign out an user who already login, unless you can notify your client about the message.
    • But Just as @DoesData said, you can keep an sign in status data, and when the client visit the server, it can discover that it already be signed out, or others already singed in.
    0 讨论(0)
  • 不知归路
    2020-12-16 04:29

    Since you didn't state what language you're using I'm just going to use Swift, but the principles behind what I laid out here are the same for any language.

    Take a look at this question. It appears that Firebase does not directly support what you are looking for. You can however, do something like this:

    Create a tree in your database that stores a boolean value for user signins. 

    SignedIn: {
    uid1: {
        "signedIn": true
    }
    uid2: {
        "signedIn": false
    }
    .....
}

    I'm assuming some where after authentication you change the screen. You'll now want to perform an additional query before doing that. If the user is already signed in you can display an alert, otherwise you can just continue as you always did. 

    func alreadySignedIn() {
     if let uid = Auth.auth().currentUser?.uid {
        Database.database().reference().child("SignedIn").child(uid).observeSingleEvent(of: .value, with: { snap in
            if let dict = snap.value as? [String: Any] {
                if let signedIn = dict["signedIn"] as? Bool {
                    if signedIn {
                        // display an alert telling the user only one device can use
                        // there account at a time
                    }
                    else {
                        // change the screen like normal
                    }
                }
            }
        })
     }
}

    Of course this just prevents the account from being "shared" at the same time. You can make a stricter guideline if you only allow sign in based on a device id. For example you could get the device id and only allow sign in on that device. You'd have to allow users to update this when they get a new device, but if you really want to lock your accounts down this might be a better option.

    0 讨论(0)
 看不清?
提交回复
热议问题