From the to-do list: MPA V1.0: Import/ local / Offline
✔ Can't login ofline
(Completed by Pierre henri Seylan on July 4, 2019)
Comments
Pierre henri Seylan on June 24, 2019:
Currently, when logging into the app without internet conection, the app returns an error message
Karim Alabtakh on June 27, 2019:
The logic of the login functionality should be discuses in connection with the new API and security reasons.
Some info: Saving or sending the password in clear text is not recommended so for new api requests we use token which now saved in the key-chain instead the password. Mainly the apps allow the offline access only for logged users, so if a user logout from his account then he need the internet connection to login and get the token again. so that is how the client now works. By that we can guarantee that client will work in online mode correctly when the connection is restored.
If you need unusual behavior then that what we can: 1- Login by user name and password by saving not only the token but also the password in hashed form in the keychain. The password hash will be used only to check if the password is correct in offline mode.
or 2- Login by user name only and get the token from the keychain. in this case the password field can be empty or incorrect. or 3- Revert last changes and use creepy method which compare only the user name from file which saved in soundslates folder, so the login will be succeed without password or token. But in this case the client will not be able to switch to online mode correctly. or 4- Use more complex own implemented keychain alternative for client app.
BTW, also currently the client the the token only for one user, should we support multiuser login for offline mode?
Pierre henri Seylan on July 1, 2019:
Hello,
So maybe the best solution could be to change the logout button to "quit" button? So for example, instead of logging out the application, it will simply quit the application but keep the user logged in, so that it can still be logged in offline mode. Is this a possible solution?
Otherwise, i would choose the solution #1 you have described above.
Karim Alabtakh on July 2, 2019:
Actually logout button is work as quit button (btw we should rename it). if it doesn't work like that on your side then please check your keychain and give me more info about how it works on your side.
Pierre henri Seylan on July 2, 2019:
Ok, yes logout works like quit actually. So let's implement solution #1?
Comments
Pierre henri Seylan on June 24, 2019:
Karim Alabtakh on June 27, 2019:
Some info:
Saving or sending the password in clear text is not recommended so for new api requests we use token which now saved in the key-chain instead the password.
Mainly the apps allow the offline access only for logged users, so if a user logout from his account then he need the internet connection to login and get the token again. so that is how the client now works.
By that we can guarantee that client will work in online mode correctly when the connection is restored.
If you need unusual behavior then that what we can:
1- Login by user name and password by saving not only the token but also the password in hashed form in the keychain.
The password hash will be used only to check if the password is correct in offline mode.
or
2- Login by user name only and get the token from the keychain. in this case the password field can be empty or incorrect.
or
3- Revert last changes and use creepy method which compare only the user name from file which saved in soundslates folder, so the login will be succeed without password or token. But in this case the client will not be able to switch to online mode correctly.
or
4- Use more complex own implemented keychain alternative for client app.
BTW, also currently the client the the token only for one user, should we support multiuser login for offline mode?
Pierre henri Seylan on July 1, 2019:
So maybe the best solution could be to change the logout button to "quit" button?
So for example, instead of logging out the application, it will simply quit the application but keep the user logged in, so that it can still be logged in offline mode.
Is this a possible solution?
Otherwise, i would choose the solution #1 you have described above.
Karim Alabtakh on July 2, 2019:
Pierre henri Seylan on July 2, 2019:
So let's implement solution #1?
Karim Alabtakh on July 4, 2019: