We're about to implement sign on/continue with a number of social networks. A question has arisen that I've been unable to find thoughts on/recommended best practice.
If a user updates their profile information (i.e. e-mail address) our data then becomes out of sync. Is it accepted to check and refresh the data on login/at regular intervals? That's our thinking at the moment.
Thanks in advance.
You can use webhooks (formerly known as Realtime Updates) for that: https://developers.facebook.com/docs/graph-api/webhooks/v2.5
Another way would be to store an Extended User Token and sync the data once in a while. Or you could sync it whenever the User hits your App again. But webhooks are definitely the best option because you can sync exactly when the change happens.
Related
If I were to create a client desktop application, I'm trying to find a reliable way to notify client applications of new data that needs to be queried from the server. Would pubsub be a good use for this? Most of the documentation I see for it seems to be focused on server to server communication, and is a bit ambiguous if this would work well for server to client notifications.
If it should work, would I be able to properly authenticate subscribers to limit the topics they could subscribe to? This application would be potentially downloadable by anyone, and I would need to ensure that information intended for one client couldn't end up in the hands of another client.
Cloud Pub/Sub is not going to be a good choice for this use case. First of all, note that each topic and project is limited to 10,000 subscriptions. Therefore, if you intend to have more than that, you will run out of subscriptions. Secondly, note that a subscription only receives messages published after the subscription is created. If you only need messages to be delivered that were published after the user came to the website, this may be okay. However, with these two issues combined, you'll need to consider lifetime of your subscriptions. Do they get deleted when a user logs out? If not, when a user comes back, do you expect them to get all of the messages published since the last time they visited?
Additionally, as discussed in the comments, there is the issue of authentication. Your client-side app would have to have the credentials to subscribe. This would require you to essentially leak those credentials into your client-side code, which could be a vulnerability in your application.
The service designed to deliver notifications of this nature is Firebase Cloud Messaging.
If you want to open the application to anyone on the internet, you can't rely on the IAM service that only works with Google identity -> You can't ask your user to have a Google Account, the user experience will be bad.
Thus, you can't use IAM service to secure the PubSub access, and thus to use PubSub because anyone could access it.
In your use case, the first step is to ask the user to register (create an account, validate email, maybe use payment method,...). Then, you have an identity, but managed by you, not by IAM. You know which messages are for this user and which aren't.
If you want to be notified "in real time", I propose you to use long polling method or streaming to push data to the user. Cloud Run is now capable to do this and I recommend you to have a look on that.
I am working on an app that relies heavily on detecting when users go offline and go back online. I wanted to do this with AWS AppSync, but I can't seem to find a way to do this in the documentation. Is there a way to do it in AppSync?
Thanks for the question. Detecting presence is not currently support out of the box but you can likely build similar features yourself depending on the use case.
For example, a resolver on a subscription field is invoked every time a new device tries to open a subscription. You can use this resolver field to update some data source to tell the rest of your system that some user is currently subscribed. If using something like DynamoDB, you can use a TTL field to have records automatically removed after a certain amount of time and then require a user to "ping" every N minutes to specify that they are still online.
You could also have your application call a mutation when it first starts to register the user as online, then have the application call another mutation when the app closes to register it as offline. You could combine this with TTLs to prevent stale records in situations where the app crashes or something prevents the call to register as offline.
Thanks for the suggestion and hope this helps in the meantime.
Hi How to keep session always open in alexa app.I developed custom skill for my client .After last response skill session ends.I don't want this. I want to keep session open always.so when user says the opening flows intent it should start from there.
You cannot do this. Alexa's model is call and response. The user talks to Alexa, and then Alexa talks back. You can leave the session open, but if the user doesn't respond in about 8 seconds, the session is closed. (You can stretch it another 8 seconds if you use a reprompt.)
This is part of their security model. They don't want people creating skills that, basically, monitor everything going on in a room. When Alexa is listening, everything it says is streamed to the internet. Should someone break their protocol, this could be used for spying. (Or running up bandwith on the user's or Amazon's servers.)
Now, if your question is really one of continuity, that's different. Alexa provides as part of its service Session variables. Those only have a lifetime of the session. So, again, it is part of the design not to persist those past sessions.
In general, though, I do not recommend you use them. Alexa drops sessions all the time. It is far better for you to persist you own variables. Then you have control over their lifetime. Use the passed in UserID as they key, and stash them either in memory (for non-Lambda skills) and/or a DynamoDB (for Lambda skills, or longer term persistence).
You can achieve the desired user experience but you need to build it differently because you must assume the session might end at any time with session data being discarded.
Whenever the session is updated, persist it to a database, such as DynamoDB.
Identify each session by the userId which is sent with every request and does not change between sessions.
When a new session is created, check the database for any sessions saved against the userId. If found, populate the new session from the database. Otherwise, create a fresh session.
To start off, I am extremely sorry if my question is not clear but I have very little knowledge about web services in general and the vast nature of varying available information has driven me crazy over the past few weeks. So please do bear with me.
Summary: I want to create a live score update app for android. (I haven't added android as a tag because I do know how to retrieve data from say twitter's JSON api.) However, like the twitter JSON api, I want to be able to add(POST maybe?) data to the Apache 7.0 service that I have running. I then want the app to be able to be able to retrieve this data that I have posted.
I had asked a more generic question earlier and I was told that I should look up some api's. I did that but I have still not been unable to make a break through.
So my questions is:
Is setting up an API on my local web service the correct way to do this?
If so, how can I setup an API that will return JSON objects to the Android app. Also, I would need to be able to constantly update this API with new data.
Additionally, would I also need to setup a database for all this?
Any links to well explained matter would be appreciated too.
Note: I would like to carry this out using a RESTful Web Service through Jersey and use JSON Objects during retrieval.
Again, I am sorry about my terrible knowledge with web services in general despite trying my best to research a lot. The best I could do was get my RESTful Web to respond to a GET with some pre-defined text that I had set in Eclipse.
Thanks.
If I understand you correctly, what you try to do is something like this:
There will be a match or multiple matches of some sort. Whenever a team/player scores someone (i.e. you) will use the app to update the score. People who previously subscribed to the match, will be notified and see the updated score.
Even though I'm not familiar with backends based on Java, the implementation should be fairly similar to other programming languages.
First of all a few words to REST in general. REST is generally needed, when you need to share information between multiple devices and or users. This seems to be the case here. To implement the REST you are going to need an API of some sorts. Within the web APIs are implemented by webservers answering to certain predefined HTTP Requests.
Thus setting up an API on a web server is the correct way.
Next a few words on databases. A database is generally needed, if you want to store information persistently. This might, or might not be what you are planning to do. If there are just going to be a few matches at the same time and you don't care about persistence of the data, you can use Java to store a collection of match objects in memory. I'm just saying it is possible, not that it is a good idea. Once your server crashes or you run out of memory due to w/e reason, data is going to be lost. (Of course within the actual implementation you want to cache data for current matches in some way and keeping objects in memory is way to do so).
I'd recommend to use a database.
Within the database, you can then store and access information about the matches like the score, which users subscribed, who played, etc.
JSON is just a way to represent the data/objects that will be shared between the server and the client. You can use JSON to encode request and response data/bodies.
The user has to be informed about the updated score. There are two basic ways to do so. Push or Pull. With pull, the client will check for updated scores after fixed intervals or actions. With push, the server will notify the client about changed scores which will cause him to update the information. Since you are planning on doing a live application and using Java anyways, push seems to be the better way to go.
Last but not least let's have a look at a possible implementation using
Webserver (API endpoints + database)
Administrator (keeps score updated)
User (receives updates)
We assume that the server will respond to HTTP Requests (POST#/api/my-endpoint) with JSON-Objects.
Possible flow
1)
First the administrator creates a match
REQUEST
POST # /api/matches
body: team1=someteam&team2=someotherteam
The server now will create a match object and store it in the database. The response will contain information about the object and whether the action was successful.
2)
The user asks for a list of matches
REQUEST
GET # /api/matches/curret
The response will be a JSON object containing a list of current matches.
RESPONSE
{
matches: [
{id: 1, teams:...}, ...
]
}
3)
(If push)
A user subscribes to a match
REQUEST
GET # /api/SOME_MATCH_ID/observe
The user will now be added as an observer for the match. Again, the response contains information about whether the action was successful or not.
4)
The administrator updates a score
REQUEST
UPDATE # /api/SOME_MATCH_ID
body: team1scored...
The score now gets update on the server (in memory/database) and the user will be notified about the updated score.
5)
The user gets the updated score
REQUEST
GET # /api/SOME_MATCH_ID
RESPONSE
... (Updated score in some way)
I have no other choice but to adopt iCloud right now. In the near future i would like to build my own cloud service. Is there any problem if the app transfers all the data from iCloud to my own cloud?
Only the data related to my app of course.
After user's permission.
Is Apple positive about this?
If you mean, would Apple approve an app for the store that was going to transfer the user's iCloud data to some other online service, as usual all we can do is try and gauge the odds.
None of Apple's guidelines even hint that apps may not use non-iCloud services.
Neither do they hint that there's any issue with moving data from one service to another, even if one of them is iCloud.
Apple does not look kindly on apps that transfer user data to online storage without the user's knowledge. Assuming you make it clear to users what you're doing, this is probably not an issue, but users should have the chance to opt out of your service.
Based on information available right now, what you suggest is probably OK so long as your app makes clear what's happening. It's unwise to try and predict Apple's app-approval actions too closely. They might change their policies tomorrow, or they might decide to reject your app for reasons that had not previously been stated. At the moment though, switching services like that seems likely to be accepted.