Unique ID for Web app

Hi Guys,
I did some reading here trying to find the answer but wasn’t sure what I saw was the easiest. Is there any way I can get a unique ID calling a webapp from different devices (without cookies). I tried polling the IP but it always pulls the “server” IP, tried the session identifier but it gives me a different number everytime (even when I refresh the page). I tried to use the user ID at login by putting it in a global variable but it comes up to the same ID when I try a second device.

It’s not clear what you are trying to accomplish. Can you say more?

  • the normal way to do this is with cookies. Assumning you have a unique user ID (such as email address) the person then logs in using their ID and a password. Once logged in, you set a cookie. You can use the same cookie across multiple devices or different cookies for each device, it doesn’t really matter.
  • you generalkly can’t use IP addresses, because many users are behind NAT or CGNAT which shares a single IP address for multiple users
  • are you not willing to use cookies? Or not able to for some technical or legal reason?

The problem I am seeing is that if the user hits refresh, it goes back to the home screen. I wanted to keep track of the user and the current webpage and check for that user on the session activation or opening. The problem is that the global variable I assign to that user (vUserID) is the same no matter what device I use. So for example I use my windows pc and call up the app, I log in as “smith” and get to webpage2. If I use my phone, open up a browser and call up the app, it looks at vUserID and is the same user (“smith”) bringing me to webpage2

  • In a Xojo WebApp, global variables are global to the entire web application, so your technique will not work.
  • sessions can store data, and that will be unique to the session, but if a user reloads the page, it starts a new sesison, so all the data is wiped out.
  • the best way to do this is via Cookies, since Cookies are (A) stored on the browser and (B) not affected by a changing IP address
  • you may be able to do this via the URL, by setting the HashTag which is part of the URL. WebSession — Xojo documentation This way, if the user reloads, you can check the hashtag and use that to identify them and send them back to the right location. Note that this will only work if the user Reloads the page. If they open a new browser tab, the hashtag will be blank.

Cookies are really the right way to solve this for most situations - why not use Cookies?

I am actually learning the workarounds of the program and have not used cookies before. I will check to see if there is a sample I can look at in the sample folder about cookies (unless you know of a sample already mentioned here or can guide me where to find something).
Once I leaned, I don’t have a problem using cookies

It’s pretty straightforward.

Try something like this…

  dim userId as string = Self.Cookies.value("UserID")
  dim lastPageVisited as string = Self.Cookies.value("lastPageVisited")

  if userID = "" then
    // unknown user
    Self.Cookies.value("UserID") = ... // set a new UserID


  // existing user, send them to the last page they were on
   select case lastPageVisited
         case "FooPage"
          case "BarPage"
              LoginPage.show // default to login page
   end select

See WebSession — Xojo documentation

Has not that changed with Web 2.0 ?

@Allen_Arissa are you using Web 1.0 or Web 2.0 ?

I’m using Web 2

@Mike_D Thank you so much, I was able to do it the way you said. I just had to change where to add the new user but is working how I wanted it now.

Thank You

1 Like

This code can generate a random UUID v4 if needed:

Protected Function RandomUUID() As String
  // From http://www.cryptosys.net/pki/uuid-rfc4122.html
  // Generate 16 random bytes (=128 bits)
  // Adjust certain bits according to RFC 4122 section 4.4 as follows:
  // set the four most significant bits of the 7th byte to 0100'B, so the high nibble is '4'
  // set the two most significant bits of the 9th byte to 10'B, so the high nibble will be one of '8', '9', 'A', or 'B'.
  // Convert the adjusted bytes to 32 hexadecimal digits
  // Add four hyphen '-' characters to obtain blocks of 8, 4, 4, 4 and 12 hex digits
  // Output the resulting 36-character string "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"
  dim randomBytes as MemoryBlock = Crypto.GenerateRandomBytes(16)
  randomBytes.LittleEndian = false
  // Adjust seventh byte
  dim value as byte = randomBytes.Byte(6)
  value = value and &b00001111 // Turn off the first four bits
  value = value or &b01000000 // Turn on the second bit
  randomBytes.Byte(6) = value
  // Adjust ninth byte
  value = randomBytes.Byte(8)
  value = value and &b00111111 // Turn off the first two bits
  value = value or &b10000000 // Turn on the first bit
  randomBytes.Byte(8) = value
  dim result as string = EncodeHex(randomBytes)
  result = result.LeftB(8) + "-" + result.MidB(9, 4) + "-" + result.MidB(13, 4) + "-" + result.MidB(17, 4) + _
  "-" + result.RightB(12)
  return result
End Function

1 Like

I was under the impression that session resumption was broken in Web2 - I do remember some mentions of it, but if it’s working properly now I must have missed it. Has it been fixed?