-1

I have an iPhone chat app that checks the username, UDID, and email on the ruby on rails server when the user wants to chat with someone else.

Questions: -- Does my chat app need the ability for the user to login to the app with a password so that no one else can steal the phone and masquerade as the real owner?

deefour
  • 34,974
  • 7
  • 97
  • 90
James Testa
  • 2,901
  • 4
  • 42
  • 60
  • 1
    Do you want them to not be able to do that? This doesn't relate to programming at all.. it's a UX question – varatis Jul 11 '12 at 18:02

1 Answers1

2

Well, if you wanna tell who is actually talking. It is a good idea to let them log in to your server since 1> Users can have public information such as email address, but they don't share their password with others. 2> They can change their password easily at any time they want.

And by the way, it is a bad idea to use UUID to distinguish users from the server since re-install app on the same device will give them different UUID.

Here is what i did: I have an app require user to log in, every time when the app talk to the server, it sends a web service call with it's own information including UUID. On the server side, I have a database table that keep tracking their UUID so that if by any chance a user lose his device, he can call us, and I flag his UUID in the database, then the device will be disabled from the server side and cannot do anything.

Hope this helps.

Raymond Wang
  • 1,484
  • 2
  • 18
  • 33
  • Raymond - are you sure reinstalling the app will give the user a different UUID? My experience is that the UUID is a constant. – James Testa Sep 13 '12 at 15:49
  • What version of Xcode you have? and iOS version? For xcode 4.3 and before on iOS 5.1 devices, they give me different UUID every time when I reintall the app. – Raymond Wang Sep 13 '12 at 19:15
  • I'm referring to the UDID of the device. That never changes AFAIK regardless of the app. – James Testa Sep 14 '12 at 19:03
  • From what I understood, Apple stop programmer using UDID for quite a while, so if you wanna use id that could identify users' devices, you still have alternatives but you cannot use actual UDID. See here: http://stackoverflow.com/questions/9858850/an-alternative-to-the-device-udid-preparing-ourselves – Raymond Wang Sep 15 '12 at 12:53
  • Right. So is the UUID different from the UDID? Is so, how does one obtain the UUID programmatically? If not, then I think your second paragraph isn't right because if the UUID is the same as the UDID, then the UDID is per device, and doesn't change per app. Other than the second paragraph, I think the rest of your answer is right. – James Testa Sep 16 '12 at 02:29
  • James, UUID is different from UDID. Right, UDID is unique to every device, and it is the same cross all apps. UUID is per app instance base, so every time if a user re-install an app, it will be different. I think reading this will help you: https://developer.apple.com/library/ios/#documentation/CoreFoundation/Reference/CFUUIDRef/Reference/reference.html – Raymond Wang Sep 17 '12 at 02:38
  • Raymond, thanks for your response, which clarifies for me what UUIDs are. – James Testa Sep 19 '12 at 15:26