Welcome!

Welcome to the Official BlackBerry Support Community Forums. This is your resource to discuss support topics with your peers, and learn from each other. New to the forum? Please visit the ‘Getting Started’ link below.
All New Topics | All New Posts
inside custom component

Cascades Development

Reply
Topic Options
New Developer
New Developer
dhontecillas
Posts: 12
Registered: ‎12-28-2012
My Carrier: Simyo
Accepted Solution

Server side BBM user validation.

Options

‎12-28-2012 12:53 PM

I'm building a service for my blackberry app. I want users to register to my app using their ppId (https://developer.blackberry.com/cascades/reference/bb__platform__bbm__userprofile.html), so they can login using their different devices.

But since the API calls can receive fake data, I need to check from the server side that the ID that they are sending me is a valid one, and that corresponds to the user name.

 

 

Is there any service to check that?  

Report Inappropriate Content
Message 1 of 5 (671 Views)
Reply
0 Likes
Please use plain text.
 
Administrator
Administrator
MSohm
Posts: 12,957
Registered: ‎07-09-2008
My Carrier: Bell

Re: Server side BBM user validation.

Options

‎01-03-2013 11:03 AM

You shouldn't receive fake data.  What makes you think that?

Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Found a bug? Report it using the Issue Tracker
Report Inappropriate Content
Message 2 of 5 (625 Views)
Reply
0 Likes
Please use plain text.
 
New Developer
New Developer
dhontecillas
Posts: 12
Registered: ‎12-28-2012
My Carrier: Simyo

Re: Server side BBM user validation.

Options

‎01-03-2013 11:10 AM

Any server API is public, so, anyone could use curl to send me a register request with a random generated 'user id', and I wouldn't be able to tell if that is a real user. So, a simple script could create as many users as wanted, the database could be filled with fake users.

 

A way to prevent this would be using the typical email registration process, with a link to validate the users. But I would like to have a way to validate a BBM registered user.

Report Inappropriate Content
Message 3 of 5 (622 Views)
Reply
0 Likes
Please use plain text.
 
Administrator
Administrator
MSohm
Posts: 12,957
Registered: ‎07-09-2008
My Carrier: Bell

Re: Server side BBM user validation.

Options

‎01-03-2013 01:16 PM

I see what you mean now.  I thought you were referring to fake data coming from the API itself.

 

There isn't anything built into ppid to accommodate this.  You'll need to implement some other kind of security measure within your application so that the server side knows that the request is coming from your application and not some other malicious source.

Mark Sohm
BlackBerry Development Advisor

Please refrain from posting new questions in solved threads.
Found a bug? Report it using the Issue Tracker
Report Inappropriate Content
Message 4 of 5 (614 Views)
Reply
Please use plain text.
 
New Developer
New Developer
dhontecillas
Posts: 12
Registered: ‎12-28-2012
My Carrier: Simyo

Re: Server side BBM user validation.

Options

‎01-03-2013 04:13 PM

Ok, thanks for the info.
Report Inappropriate Content
Message 5 of 5 (605 Views)
Reply
0 Likes
Please use plain text.