Sign up and login


#1

Hi. I want to ask how can I create a sign up screen with entering an email and save it then put a button in the login screen that recover the password if someone forgot it.


#2

want to show password in the login screen?


#3

You should allow for password reset. Don’t save password.


#4

Yeah that’s what I mean. To reset the password by email


#5

No I mean how to build a forgot password button by an email


#7
  • To remind password you have to save username and email in a database online like firebase or mysql not in the app, because if user uninstall and reinstall the app, will lose that data…
    So when somebody forgot password he can retrieve his password from database…
    Search in community how to save and get data from firebase or mysql.
  • To reset password just clear the tag on Tinydb in wich you save the password.

#8

never store the password as plain text in the database!

you should shore hash values instead… you can use the HmacSha512 method from the tools extension for that…

@hashim_soliman if the user forgets his password, set his/her password in the table to a random value of your choice and send him an email together with the new password
Different eMail solutions for App Inventor

Taifun


#9

@Hossein - how is in that there’s no built in hash function? User name / password combos are such a basic function of so many applications, it seems to me that a built in set of tools for dealing with these should be part of AI / AppyBuilder. Including a hash function. Shouldn’t there be, along with the Password TextBox component, a “Save Hashed Password” component?


#10

@Thomas_Leavitt I agree. There should be blocks for that. AppyBuilder team could check into it. Meanwhile, there is an Obfuscate Text (not exactly what you are looking for though).
image

You can also check @Taifun post here:
https://puravidaapps.com/aes.php


#11

FYI, there’s no HMacSha512 method; there’s an HMac256 method that requires a secret key, and a Sha256 that returns a hash of a string. Which is better to use? Can the secret key be decompiled from the app?


#12

if you want to use the HmacSha256 method from the tools extension, then store the key using the Obfuscated block as @Hossein mentioned earlier

Returns a base64 encoded HMAC SHA256 hash.

the Sha256 method uses the logic from this stackoverflow answer https://stackoverflow.com/a/11009612/1545993

Returns a Sha256 hash of a given string.

Taifun