Using Firebase in unity, I know that I can send a verification email to register a new login, but I would like that when the user tries to login on another device, firebase sends a verification email confirming the action and exiting the old device, I don't if this is possible because I'm a layman in the subject
Language used is C# and I don't even know the terms to search on the internet
The Firebase SDKs and products do not bound to specific devices. So there is no built-in way to get them to verify a user moving from one device to another.
The closest that exists within Firebase are its Installation IDs, which identify a specific installation (so a specific app on a specific device). If you'd associate an installation ID with each of your users, you could detect when they use a different installation ID than the one you have stored for them, and initiate a verification for the new device. But that'd be up to you to implement, as Firebase has nothing built in for such verification.
Related
I'm new to xamarin so I'm still trying to figure out how some things work.
The things is, I wanted to create a simple application where the user will recieve an email if his account logged in into an unknown device (yes, it looks like a login alerts).
Correct me if my proposed method is incorrect, I want to create a list of every known device each user has logged in, and compare it to a current device the login attempt was made. Is there a way where I can use a unique android device ID in Xamarin that I can use for this situation?
Any answers/suggestions will be much appreciated 😁
Thank you in advance
Using device ID would mean that if user uninstalled your app and stashed the phone for a year, it would still be considered trusted. Users most likely won't remember what they did in the past and blame you for failing to alert.
What you should use is instance ID. An UUID that app generates once and then saves. So uninstalling your app or clearing its data would make it "brand new and untrusted" - because that's exactly what users expect.
To paraphrase Fifth Element: Device not important. Only app important.
Also note that mobile users expect to log into app once and remain logged forever. Some apps (like banking apps) add extra PIN, fingerprint or password to actually access the data, but the app remains paired to the user account forever. In that case, there is server-side list of app instances paired to user's account, so it's trivial to notify about new pairing. Bonus-you don't need any client-dependant IDs, have the server assign the ID on pairing.
So, i`m trying to check from my application if my device has any type of protection when user tries to unlock it.
What it means. I need to know if device could be unlocked without graphical (numeric) key for mobile devices. For desktop devices in I need to know if current user has password.
Is it possible in general for both cases (mobile and PC)?
On PC seems there is no method to detect if a password is set for the user account, but there is method to check if a Pin is set using KeyCredentialManager.IsSupportedAsync | isSupportedAsync method, you can check the official KeyCredentialManager sample, the PassportAvailableCheck() method in the SignIn.xaml.cs file.
For PC, Pin is a higher level security, it can be set only if a password is set and there could have other security policies. On mobile there is no password, if a Pin is set, it can be detected.
This topic belongs to the Security part of UWP apps, here are some good documents for example Create a Microsoft Passport login app, Fingerprint biometrics. They may not be able to fully solve your problem, but you can see what we can do and not be able to do in UWP app from these documents.
We use this code to get the email of the currently logged in user:
var currentUsersEmail = UserPrincipal.Current.EmailAddress;
This works fine when on the network. However, we have laptop users who run our code remotely and in a disconnected state. The above code causes this exception when in this state:
System.DirectoryServices.AccountManagement.PrincipalServerDownException
Message: "The server could not be contacted."
Does anyone know a way to retrive the current user's email that will work both when connected / on the network and when disconnected?
UPDATE: In case you are wondering why we want to do this. Our system has a bunch of methods that send alerts via email. When our developers are running automated tests, we want the emails to be sent to the current logged in user (i.e. the developer) so they can verify the format.
You could rewrite your application so that it uses UserPrincipal.Current.EmailAddress the first time, and perhaps whenever it is online, and then saves that information in the user's AppData folder or registry for reference when working offline. It would require running the application at least one online before working offline, but I don't see how else you could do it without having to ask the user or use a config file.
There is simply no way the System.DirectoryServices.AccountManagement namespace will work offline. It's like asking how can a database driven application work without access to the database.
I'm implementing notifications into my app, but I am trying to figure out what I need to do to know if a Channel is an "Update" vs a "New" channel that wants to receive notifications.
Currently, everytime the app is ran, it sends me the new channel and the expire date. When I want to send a new notification, I am going to assume everyday, I'll get a new one of these for the same person. I need a way to only send it to the person once.
I was thinking about using CoreApplication.Id and store that, but I am not sure if that is unique per application install.
Any ideas how to go about this? I have read several articles, but they are all just showing how to push it once, no mention to this problem.
Thanks!
You will need to add another aspect of identification in your service. Because the URI can change any time, and there maybe multiple installs of your client, you will have some challenges trying to identify unique per user notifications without having identified some "user" id uniquely.
Likely, you want to take advantage of either:
Microsoft Account, using this to identify the user
Make the client application get a "unique" identifier for your client from your server (it could just be a GUID), and save that in roam settings. This will travel with the client across machines. If it's there, clearly it's not a new customer.
Note that if the user uninstalls your app on ALL their machines/accounts, then the roaming setting may go away. This is an undefined period of time.
I write system, that collects informations about local system. It's a system like admin-client. Client collects and sends log to admin. There's of course possibility to get this log by admin over LAN, but I'd like to add option send log over Internet.
I thought about skype. Client must have logged skype and when admin (of course there must be appropriate authorization, but it's separate topic) send request by skype - client must e.g. connect to SQL database or simple file with collected log and send it over skype.
How can I do this?
Is this the best way? Plugin in skype? What lib may I use?
I think it's an either/or situation.
If you want an administrator who is already using Skype to be able to send this information over the internet, then a plugin which exposes that functionality in Skype is the way to go.
If you want the administrator to be able to send the information over Skype's network, but not necessarily have to have the application running (perhaps this will be done through the application that gathers data), then using the API to control Skype externally is better.
You can find the documentation for Skype here:
http://developer.skype.com/accessories
Skype has a COM API called Skype4COM which you could use through COM interop in order to access Skype.
It should be noted that SkypeKit is now available for use in both embedded and desktop programs. There's a small one-time registration fee (currently $5 USD) for each program, but it will allow you to access Skype without actually using any UI functionality (it's completely up to you to provide the interface).
Until SkypeKit is released, you're limited to the Skype Public API. However according to the docs this API only allows to specify the recipient and open the file dialog, initiating a file transfer automatically seems to be impossible (see "OPEN FILETRANSFER" in the docs).
I suggest you use an open protocol like HTTP or FTP instead.