-
Welcome to B4X forum!
B4X is a set of simple and powerful cross platform RAD tools:
- B4A (free) - Android development
- B4J (free) - Desktop and Server development
- B4i - iOS development
- B4R (free) - Arduino, ESP8266 and ESP32 development
Android Question How can send back secret code to validate user
- Thread starter Makumbi
- Start date
- Similar Threads Similar Threads
Send the users phonenumber to your server, send the secretcode via SMS from your server to the users device.
You can use the SMS Retriever Api to wait for the SMS without any permission. the SMS must be in a specific format to get this working.
You can use the SMS Retriever Api to wait for the SMS without any permission. the SMS must be in a specific format to get this working.
Upvote
0
Alternatively you can use Firebase UI Auth and let the user Authenticate using Phone (all happens automatically). Only works if GooglePhoneAuthentification is possible in your Country.
Upvote
0
How can i know wether GooglePhoneAuthentification is possible in my country is there like a list of countries were i can check and see wether my country allows it thanks
Upvote
0
This is a very common way of doing this, I'd say.
I just wanted to add that instead of using the SMS Retriever API, one could simply ask the user to enter the code they receive in the sms. That's what I do, and it works quite well.
Upvote
0
does that me that i store the secret code on my server then send it to the users phone number. if so what reliable sms api can i use and the cost implications because my fear is that incase the message is not deliver to the user in time then he will think that the app does not work
Upvote
0
In my case I simply produced a basic hash from the phone number, and once the user entered the sms code I also re-transmitted their phone number to the server. When I received that I did the hash again to verify that the phone number and hash matched. Obviously you could store the code in a database instead, but why bother when it's so simple to do it like this? (For a touch of extra "security" I added todays date to the phonenumber hashed, so their code changed daily.)
LMGTFY - Let Me Google That For You
For all those people who find it more convenient to bother you with their question rather than to Google it for themselves.
You should do some basic sanity check in the app to see that it resembles a phone number, either by some basic logic or something more advanced, perhaps like https://www.b4x.com/android/forum/threads/library-phonenumbervalid.56377/
That said, some sms messages will certainly fail. If your business model doesn't allow for that cost, you might have a bigger problem.
Upvote
0
I mean that if if you use the phone number to create a key or something else, your method will not work on tablets, since they do not have a phone number. This is if the number is obtained automatically and not directly asked to the user, obviously.
Upvote
0
Phoneauthentification and SMS Retriever Api will not work on such Tablets, correct.
I do have a Tablet with SIM Card. Here it does work surely.
Upvote
0
Similar Threads
- Question
