4D for iOS packs in several features and concepts to help you easily get started with your first mobile application. Besides the step by step tutorial, we’ll be providing blog posts tips to speed up the learning process. In this post, we’ll explore an important concept in 4D for iOS: Mobile Session Management.
Mobile Session Management
Mobile Session Management will allow you to keep track of users after their very first user request. In a nutshell, this ensures the ability to identify each user and authorize or block their access to your app data by changing their user request status to accepted or pending.
If you are a 4D developer, sessions can be a great help to secure your server data, because they allow you to authenticate the user accessing your 4D Server via a mobile app.
Another use case: If you’re a server administrator, you can use session management to define the users who are allowed to connect to your 4D Server, so you can restrict access to only those with access permission.
Session Management in 4D for iOS
In 4D for iOS, you’ll be able to identify who’s attempting to access your app data in real-time via a Mobile User JSON file. It provides structured information such as a user’s email, App ID, and Device ID for each app:
{ "application":{ "id":"com.contactApp.Contact", "name":"Contact", "version":"1.0.0" }, "team":{ "id":"DAVAZDX8W5" }, "language":{ "id":"en_US", "code":"en", "region":"US" }, "email":"david@4D.com", "device":{ "description":"iPhone X", "version":"11.3", "id":"0DC5132E-1EF4-407C-A832-5FE33D818AF3", "simulator":true }, "send":"link", "session":{ "id":"7023d9205074199d1c16fc00d24354e778137675", "ip":"::ffff:192.168.5.4" }, "status":"accepted", "token":"eyJhcHBOYW1lSUQiOiJjb20uY29udGFjdEFwcC5Db250YWN0IiwiaWQiOiI3MDIzZDkyMDUwNzQxOTlkMWMxNmZjMDBkMjQzNTRlNzc4MTM3Njc1IiwidGVhbUlEIjoiVVRUN1ZEWDhXNSJ9" }
When a user launches your app for the first time, a Mobile User file is created and stored next to the current 4DD file in the MobileApps folder. This folder contains all your Mobile user files, organized and grouped by app folder.
To handle your user’s access, you can manually change the status of each mobile user file or even better: create your own interface!
Authentication method
The On Mobile App Authentication database method will be called to grant or block access programmatically when a user has a pending status and tries to access the server – for example, reloading data. You can create and edit this authentication method directly from the project editor on the Publishing section.
When you click the Create… button, a template is created and ready to be used:
C_OBJECT($0;$response)
C_OBJECT($1;$request)
$request:=$1 // Informations provided by mobile application
$response:=New object // Informations returned to mobile application
// Check user email
If ($request.email=Null)
// No email means Guest mode - Allow connection
$response.success:=True
Else
// Authenticated mode - Allow or not the connection according to email or other device property
$response.success:=True
End if
// Optional message to display on mobile App.
If ($response.success)
$response.statusText:="You are successfully authenticated"
Else
$response.statusText:="Sorry, you are not authorized to use this application."
End if
$0:=$response
When the “Login required” option is checked, a login form will be displayed at app launch. You can also choose to leave the “Login required” option unchecked for your app to be used in “guest” mode.
Because 4D for iOS apps are installed with embedded data, guest users will be able to see the initial data. In this case, you can only authorize or block access for reloading data in your 4D for iOS app.
Let’s focus on the 4D for iOS user experience for both accepted and pending status.
accepted status
When login is required with an accepted status:
- The user enters their email
- A notification is displayed to inform them that they have been authenticated
- They can reload data from the settings screen
Pending status
When login is required with a pending status:
- The user enters their email
- A notification is displayed to inform them that they’re not authorized to use the app
- If a user is already logged in and their status is changed to pending, they can’t reload data and they’re redirected to the login form.
In order to make your life a little easier, we’re working on providing you with a ready-to-use component to help you with Mobile Session Management. Stay tuned!