在Firebase for Android中,每个用户当时只能登录一次 [英] Only one log in per user at the time in Firebase for android
问题描述
我希望用户一次在一台设备上使用其凭据,避免使用相同的电子邮件和密码进行多次登录.我在Firebase官方网站上找到了此,但与它无关与我正在尝试做的事情.
无法阻止用户在多个设备上进行身份验证.实际上:要知道同一用户在两台设备上,他们需要在两台设备上进行身份验证.
根据您使用的后端服务,可能只允许从一台设备访问资源.
例如,如果您的应用程序使用Firebase数据库,则可以在用户登录时将InstanceID令牌写入数据库.然后仅在尚无令牌或令牌与最后一个令牌匹配的情况下才允许写入登录.如果用户已经在第二台设备上登录,甚至可能已经警告该用户,他们已经在从另一台设备访问系统,因此应该先从那里注销.
但这全都是问题案例造成的.
例如:您何时标记用户停止在一台设备上使用您的应用程序(即从数据库中删除InstanceID令牌)?他们何时注销?这意味着他们每次需要使用该应用程序时都必须登录,这是大多数用户不太喜欢的一种摩擦.
或者您是否会尝试自动检测到他们已停止使用该应用,例如什么时候进入后台?如果您由于错误,崩溃或网络故障而错过了那一刻,该怎么办?这样,用户将无法从其他设备上使用该应用程序吗?
出于这些原因以及许多其他原因,我通常建议不要采用这种单设备策略:麻烦多于其价值.
另请参阅:
I want users to use their credentials on one device at the time, avoiding multiple log ins with the same email and password. I´ve found this from firebase official site but it is not related with what I am trying to do.
There is no way to prevent a user from authenticating on multiple devices. In fact: to know that the same user is on two devices, they'll need to authenticate on both devices.
Depending on the back-end service that you're using, it may be possible to only allow resources to be accessed from one device.
For example, if your app uses the Firebase Database, you could write the InstanceID token into the database when the user logs in. And then only allow the write if there is no token yet, or the token matches the token that last logged in. You could then even warn the user if they log in on a second device, that they're already accessing the system from another device and should log out there first.
But this is all wrought with problem cases.
For example: when do you flag that a user stopped using your app on one device (i.e. delete the InstanceID token from the database)? When they log out? That means they'll have to log in every time they want to use the app, a type of friction most users don't like much.
Or will you try to automatically detect that they stopped using the app, e.g. when it goes into the background? What happens if you miss that moment because of a bug, a crash, or a network glitch? Will the user then be unable to use the app from their other device?
For these and many more reasons I usually recommend against such a single-device policy: it's more trouble than it's worth.
Also see:
- How to handle multiple connections of the same user on Firebase?
- How to prevent simultaneous logins of the same user with Firebase?
这篇关于在Firebase for Android中,每个用户当时只能登录一次的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
