Is it possible to make a PIN Authentication method with time interval?

I have two apps:
APP A - Main app with sensitive information
APP B - Security app to enter a pin.

My issue is, that I tried to stablish an app B view as a starting view for my app B but none of the deep links I put on the formula bar in app A got to work.

The only thing that worked was, opening the App A from app B.

The machanics of the app is the following
App A has an app B form as starting view via deeplink
so, when app A is started, opens app B form (not working)
app B form checks that the pin entered is from the right user (works fine)
if the pin entered is correct, app B opens app A (working fine)
if the pin is wrong, app B reopens the form (loop working fine)

What can I do to overcome this?
I alredy tried with LINKTOAPP, LINKTOVIEW and LINKTOFORM using just the app name, and app name + form name

Is it necessary to have the second app in the mix? With security filters, and the fact that you can put a condition on when anything should be shown, you can lock down your main app.

Then just incorporate your security challenge into the main app.

1 Like

This won’t solve it because I made another app to custiomize the “Cancel” and “Save” buttons to " " and “Unlock” and customize the background with another image exclussive with instructions to unlock the app or some sort of a welcome screen
chrome_mmXeGvlwLJ

I don’t understand why the deep link in starting view doesn’t work.

Could you post your formula here? Maybe there’s a bug in it, missing a comma or something. You’re on the right track and it’s likely just a matter of syntax.

I’m not sure what you mean here; you can’t have a view from one app open on another.

Are you saying that on app A you’ve got a link that takes you to App B for security challenge, then App B should link back to A (with some sort of authorization validation present in the backend)? That would be possible.

I used this formulas:

LINKTOVIEW(“Check”, “PxLogin-######”)
LINKTOAPP(“PxLogin-#######”

I did what you suggested, I created the security form inside the app, and it works great, but now I have the same problem as before, even closing the app won’t load the security screen when the app starts. The security screen loads just in the app preview from appsheet but not in my white label app.

I don’t know why I can’t set up a form as a start view in the app and i don’t know why after closing the app it won’t load again

I believe you should consider to protect your App A with security mechanism rather that splitting app into two as @MultiTech_Visions suggested.

Lets assume you could manage to achieve the story you want to achieve, open a and which open b form then enter pin, back to app a. Even this happens, you App A should be completely unprotected. For instance, if the user open App A and remember the URL for your view contains the sensitive information, this user can open the App A with that page as App A is not protected. I think it wont make sense with you. Once the page is opened, the browser remember the URL with cache.
By going directly into that URL, the user can access to your sensitive information without getting through your firewall.

2 Likes

You should be able to, not sure why when you close the app the starting view doesn’t show when someone starts the app.

Hmmm… who to tag here… @Aleksi would know.

1 Like

Hi and thanks for all the support in this issue.
I finally solved it by adding a table ”Security” with parameters: UserEmail, pin, pincheck, and match. Then I added a form_view named as the table with sensitive information but based on the data in ”Security” table. And I applied security filters too based on Useremail() and the column ”match” (True/False) that is updated every time the user enter the pin in the form displaying the column “pincheck”. If the column match if false, returns again to the form, otherwise ir open the sensitive info table.

On the other hand in the beginning I had two apps but both had security filters applied A and B, my problem was that app A can’t load app B form through deep link.

1 Like

Sure, dude.
In my case which is similar with yours, I do create one table where we store the users information such as useremail(), and some other params which are associated with each different user independently. When users log in, they look up the row based on the login user email and lookup various params. Once the conditions (value in params) matches, do something. For instance, unless the condition of the matches, all the other view within app is not going to be visible (available) for this user unless they do some actions on their own params.

If you want to refresh those settings regularly, I will probably create the timestamp fields in this table, then filter out. For instance the last time we made a stamp is more than an hour, then user need to create the fresh row, i.e. re generate the own row for own settings, otherwise they are not able to access to other views within app.

In this case I set App to always sync upon launching to refresh cache.

On my lives app, I m placing this trick here and there.

3 Likes

Interesting, I will implement that timestamp column. But I’m still a little bit dissapointed for not being able to set a starting view.

Yes then create the slice using that date time column to filter out the old rows, ie you define what is old and fresh.

So that formula could be like (If a timestamp is not found in the slice, then open up the form to enter the pin with a new timestamp, otherwise just open the inline form.)

On your case, I suggest you place two conditions,

  1. Useremail() = [EmailField]
  2. [TimeStamp] >= (Now()-hour(1)) — > Accept only that row was generated within last 1 hour

Place this to slice condition with AND()

Then let other condition, show and hide view, count the number of the slice which meet with this criteria.

If the number of rows being returned by this slice is > 0, then do something else do something else.

2 Likes

Dude, your way to do that pin lock is just ¡PERFECT!

Here you go!
There is always a trick. Just imagination is important.
Appsheet is making it to happen. That’s why Appsheet is so powerful and flexible.

2 Likes

Still there’s a small problem with this solution, it doesn’t work from 12:00 a.m. to 1:00 a.m. and the users that will interact with this app are Doctors so being able to unlock the device at any time is very crucial here. :thinking:

Are you using [TimeStamp] >= (Now()-hour(1))
As expression ?
Please place your expression exactly used in the slice .

Sure, this is for the Pin slice:
AND(
USEREMAIL() = [UserEmail]
*[timestamp] >= (NOW()-HOUR(01:00)) *
)

and this is for all the other views to display (LastPin is the name of the slice that contains the pin with timestamps and UserEmail)
IF( COUNT(LastPin[_RowNumber])>0,
TRUE, FALSE
)

Expression used in timestamp could be wrong i suspect.

You simply get timstamp when the user generate row right, by expression of NOW().

Then expression for slice could be

hour(NOW()-[TimeStamp])>1

At the time when the slice expression is run, ie. the sync of app to happen, this expression should be runnable to slice the table.
this expression will rule out the rows made more than ONE hour. You can change the number of 1 to 24 (one day) etc.

Try it out.