PDA

View Full Version : User account based application




eziishere
Jul 13, 2011, 05:26 AM
Hi to you all.

First post here :cool:

I'm new to ios app development and I like to hear from you what is your concept for a user based application (register/login).

I noticed many application request: username, password, email but does not confirm the email address. That is great for the user but what if he will need to retrieve the password in the future?

In addition do you use a userID so you won't drive your user crazy looking for a unique username?

And what about the login issue, do you save in the local user data isSignIn bool or all the details?

Any other ideas you have I'd be happy to hear. No code needed just a general concept of what is acceptable doing in ios devices.

Thank you all in advance!



jiminaus
Jul 18, 2011, 03:16 AM
One thing comes to mind which is Apple's advice to consider the usage pattern of an iOS app, which is a user will enter you app to do a task, will expect to be able to that task as quickly and easily as possible, before returning to home screen to go onto doing something else.

With that in mind, as a user, a wouldn't like to be presented with a login screen everytime I entered you app.

I tolerate having to do that with my bank's internet banking app because of the high-security of the resource. But in contrast I wouldn't tolerate it in my social networking app or my email app.

eziishere
Jul 21, 2011, 09:13 AM
Hi,

Thank you for answering.

What you (and :apple: :)) are saying make perfect seance.

The question is, how do you do the first sign up process less painful.
For example, user already exist, email confirmation, etc.

jnoxx
Jul 22, 2011, 03:17 AM
Actually, the first time having to sign up is not a problem, once signed in, u can keep the account stored encrypted somewhere, next time it opens the app, check if it already had been logged in or not. And then show the app or not immediatly. That's what I do.

jiminaus
Jul 22, 2011, 06:31 AM
I have an idea revolving around the use of authentication tokens.

On first launch:

Present login UI.
User enters login and password.
App sends login and password to server
Server generates and stores an authentication token.
Server also generates a session token and initiates a session.
Server sends back authentication and session tokens to app.
App persists the authentication token.
App send session token with further communications while the app remains in the foreground.


When your app resumes from background or relaunches:

App send the authentication token to the server
Server generates a new session token and sends it back to app


If the authentication token is missing or is rejects by the server, present the login UI.

If the user changes the password anywhere, invalid all existing authentication tokens.


In regards to confirming profile details like email addresses, I wouldn't force a user to have to confirm the details straight away. Allow them to create a new profile in-app, send them an email with instructions on how to confirm and allow a period of time of them to do that while still being able to log in. If time period elapses, lock the account until it's confirmed.

eziishere
Jul 25, 2011, 02:18 AM
Thanks for the answers, it was very helpful!