I don’t know how to frame this.
I have an application where a user will share a “plan” with other users.
Very low security (nothing of value being exchanged), and I don’t want to have to develop too complicated of a system to manage it.
The easiest way I can imagine is for the sharing user to enable someone with a specific email address (or some identity) to be able to retrieve it.
So an I get a unique identify for an iPhone user somehow? I was thinking of the email address they use with the App Store or something like that.
Ideally It is something I can call up and display so that the receiving user can tell the sharing user what it is.
Sorry that this is likely a convoluted explanation, but I’m sure someone will get where I’m going and recommend a good route.
I had a similar problem and found three solutions.
You can’t retrieve the email address the user has used for the App Store.
The only “unique” piece of information you can retrieve is the device’s UUIDString.
Which looks like this: 95DFDXXX-XXXX-XXXX-BC36-03775A554322
Thats way too long to be shared.
What I first did is use hashIDs https://hashids.org to hash the database ID of the item the user was sharing.
This worked quite good at first, hashing a 3 digit ID into an 6 character string.
But eventually after hitting 100k downloads the 3 digit ID soon became a 7 digit ID being hashed into a 10+ character string.
I realized the hash was getting too long for a user to type, and would become even longer and more difficult to type the more people downloaded the app.
Solution 2 (currently implemented)
Now I am currently using What3Words.
It is an online service that will geocode any set of latitude/longitude into three unique words
When a user needs to share an item, I randomly generate a set of latitude/longitude and get a 3 word value for it.
For example the exact location of the Eiffel tower in Paris, 48.987719,+1.962406 becomes counters.crate.pound
I then store in a database the ID of the item being shared, and the 3 word value.
The big advantage of What3Words is that it will generate a three word value in most common languages. Typing three words in your native language is much easier than typing a random set of 10 alphanumeric characters.
Solution 3 (thinking about it)
Most apps that enable collaborative work such as Google Drive, Shopping lists, and so on enable sharing in two ways:
- With the user’s email address
- With an URL containing a deeplink to the app
Storing the email address of the user now needs the user to consent to terms and conditions because of GDPR.
and deep linking into a Xojo app isn’t possible yet until this feature request is implemented feedback://showreport?report_id=51142
@Jeremie Leroy Rank up that case. I’ve added it to my top case!
You can always get a USER piece of information and then Hash it using Xojo.Crypto.* then change it to Hex Encoded (see documentation of Xojo.Crypt.* for iOS).
That value can be anything, if the user re-enters the same values trough the hash function you can compare to your server-side hash and thus you know if it’s that same user without sharing user-bound information.
Jeremy, this is a fantastic response. Thank you.
One question: When I go into the Settings “app” on my iPhone, it has my name at the top. Where does that come from, and can I detect the user’s name for the phone?
For my case, it doesn’t have to be 100% unique at all.
The name comes from your Apple ID. You can not detect it within an app.