Geek Answers Handbook

Invalid iOS device token when user logs out

How can I reliably revoke (delete from the user profile on my server) device token for users of my service when they exit my application?

I save an array of strings containing apns tokens in my user profiles, adding them every time the user allows push notifications on this device.

Later I realized that the push token is unique to the device, but obviously does not know anything about my internal user accounts, so if one user logs out and another log (one device), each of them has one and the same same token. Then, the current device user receives push notifications directed to any of them.

The main solution is to remove the device token from the user profile when logging out, but I come up with a bunch of gotchas since I think through:

  • Logging out does not require network access - I can try to notify my server, but logging out requires asynchronous execution, even if the user does not have network access (?)
  • The actual device token may not be known - if the user has temporarily disabled push permission, the current token is not indicated. And information about the stored device ↔ seems insignificant at best, because the ForVendor identifier changes for each installation, and the UDID methods are outdated.
  • Destroy on the server side (when adding a token to the account, make sure that the same token is not set for other accounts) - it depends on the second user login to the system, which is not guaranteed.

Are there more cases of edges that I don’t have, and what strategies can I use to work them?

+7
rest ios push-notification apple-push-notifications
source share
2 answers

There are some of the difficult situations you may encounter in your quest. I would recommend that you change or make sure that the push sending logic is completely on the server side: associate the pushtoken with the user ID of your choice (this means that one token can be associated with several users). This identifier that you control should be the identifier of the account that is intended when you need to send push. Thus, you can control which user should receive the notification and receive his pushtoken based on this identifier (compared to any device identifier provided by Apple, which assumes that 1 device = 1 user).

If your user logs out offline, you won’t know about it. You can send this user a notification. If the user decides to act on it, your application will open, and at that moment you can unsubscribe from your server (since he is obviously online at this point).

+3
source share

  • when your application runs for the first time on the device, generates a uuid (universal unique identifier) ​​and stores it on the device using NSUserDefaults

    NSString * uuid = [[NSUserDefaults standardUserDefaults] objectForKey: @ "app_uuid"];

    if(uuid == nil){ uuid = [[NSUUID UUID] UUIDString]; [[NSUserDefaults standardUserDefaults] setObject:uuid forKey:@"app_uuid"]; [[NSUserDefaults standardUserDefaults] synchronize]; }

    this uuid will be used to identify a unique instance of the application that the user is using and logging in to (if you want the user to be able to log in to multiple devices with the same user ID).

  • then every time you send a token to your server, send him the user ID and the uuid application. and on the server side, check if the uuid application already exists, if so, rewrite the tuple with the new token and user ID, and if not, create and save a new tuple with the user ID, token and uuid.

  • when sending notifications to a specific user, get all tuples with a user ID, get tokens from them and send a notification using this token.

0
source share

More articles:


All Articles