使用UDID创建唯一的用户身份
我正在开发一个 iPhone 应用程序,它与服务器通信以存储和交换数据。因为我想让它尽可能简单,所以我想避免用户帐户的注册(或者也可能使用密码)。是否有可能(并且允许?)获取 iPhone 设备的 UDID 并制作例如。它的 MD5 哈希值,我将其传输到服务器并使用它进行身份验证?由于这个 ID 是唯一的,我可以简单地使用它来登录并从服务器获取用户指定的数据,而不需要创建登录数据。
是否允许访问 UDID、对其进行 MD5 哈希并将其存储在数据库中?
第二个问题是:如何获取UDID? ;-)
I am working on an iPhone App which communicates with a Server to store and exchange data. Since I would like to make it as simple as possible, I want to avoid registration (or mybe also the using of a password) for the user account. Is it possible (and allowed?) to get the UDID of the iPhone device and make eg. an MD5-hash of it, which I transfer to the server and use it for authentification? Since this ID is unique I could simply use it to login and get the user specified data from the server, without any need of creating login data.
Is it allowed to access the UDID, make an MD5-hash of it and store it in a database?
Second question is: how do I get the UDID? ;-)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
是的,这是允许的,但请考虑我在下面的文档中报告的内容。
您可以按如下方式检索 UDID:
请注意 Apple 官方文档中的以下内容:
设备的唯一标识符(有时缩写为 UDID,表示唯一设备标识符)是由各种硬件标识符(例如设备序列号)组成的哈希值。它保证对于每个设备都是唯一的。 UDID 与设备名称无关。对于使用 SIM(用户身份模块)卡的设备,UDID 独立于 SIM 卡。
为了用户安全和隐私,您不得公开将设备的唯一标识符与用户帐户关联。
您可以将 UDID 与特定于应用程序的用户 ID 结合使用,以识别服务器上特定于应用程序的数据。例如,您可以使用设备-用户组合 ID 来控制对注册产品的访问,或者在中央服务器中存储游戏的高分。但是,如果您正在开发游戏,则可能需要使用 Game Center 的玩家标识符密钥,如游戏套件编程指南中所述。
重要提示:切勿仅根据 UDID 存储用户信息。始终使用 UDID 和特定于应用程序的用户 ID 的组合。组合 ID 可确保如果用户将设备转让给另一个用户,新用户将无法访问原始用户的数据。
Yes, it's allowed, but take into account what I have reported below, from the documentation.
You can retrieve the UDID as follows:
Note the following from the offical Apple's documentation:
A device’s unique identifier (sometimes abbreviated as UDID for Unique Device Identifier) is a hash value composed from various hardware identifiers such as the device serial number. It is guaranteed to be unique for each device. The UDID is independent of the device name. For devices that use a SIM (subscriber identity module) card, the UDID is independent of the SIM card.
For user security and privacy, you must not publicly associate a device’s unique identifier with a user account.
You may use the UDID, in conjunction with an application-specific user ID, for identifying application-specific data on your server. For example, you use could a device-user combination ID to control access to registered products or when storing high scores for a game in a central server. However, if you are developing a game, you may want to instead use Game Center’s player identifier key as explained in Game Kit Programming Guide.
Important: Never store user information based solely on the UDID. Always use a combination of UDID and application-specific user ID. A combined ID ensures that if a user passes a device on to another user, the new user will not have access to the original user’s data.
我已使用 UDID 来检查设备是否已经有正在运行的订阅。
获取 UDID 很容易:
如果您仔细阅读了应用商店规则,其中有一节是关于让用户创建帐户以将订阅移动到其他设备的。
在本节中,Apple 明确表示创建帐户必须是用户必须输入的用户名和密码。用户名不能是电子邮件地址,因为它是个人信息。
如果您的应用程序严重依赖数据,建议创建可选的用户帐户。
AppStore 审核指南可以通过以下方式找到: http://developer.apple.com/appstore /resources/approval/guidelines.html
I've used the UDID for checking if the device already has a running subscription.
Getting the UDID is easy:
If you read up on the App store rules, there is a section about letting the user create an account to move the subscriptions to an other device.
In this section Apple makes clear that the account creation must be an username and password that the user must enter. The username can't be an e-mail address since it is personal information.
If you app leans heavy on the data, an optional user account creation would be advisable.
The AppStore Review guidelines can by found : http://developer.apple.com/appstore/resources/approval/guidelines.html
UDID自 iOS-6 及更高版本起隐藏,因此您可以通过以下方式唯一地标识设备:UDIDis hidden since iOS-6 and later so you can uniquely identify device by: