Hi Tom,
very valid questions, thx.
I need to explain a little bit, what the app is used for (a little bit to read ):
A company is driving up to 400 different tours on a daily basis in a city.
Each tour has multiple objects with different todos.
The drivers for each tour are also changing on a daily basis.
For each tour there is at least 1 fixed vehicle.
The app is running on a public root server.
No other app is running on that machine.
The database is on the same server and will be refreshed on a daily basis.
There are 3 ways to connect to the app:
- rest api using bearer token wich expires after 30 min / used for the refresh process
- login view with standard user/pwd
- QR with direct URL to a view, containing encrypted timestamp and tour information
When loggin in using QR code,
the user/role which will be used,
has only read access to 2 entities and write access to single attributes for 1 entity.
And only access to 1 list.view and 1 detail.view.
There are 2 QR codes.
The QR code1 is related to exactly 1 tour and the actual day,
created/printed on a daily basis.
Code 1 print is in a tourbook which is given to the driver for that tour for that day.
The QR code2 is related to 1 vehicle and is a sticker inside the vehicle.
The driver will scan code 1 and will get access to the list view with an empty grid.
Then codes 2 needs to scanned and the first object for the tour will be activated and visible.
The driver will then open the detail for that activated object.
But that is only possible, when the vehicle is in a max distance radius to the object.
The distance is online live calculated based on the GPS tracker inside vehicle.
Even when both QR codes will be posted in the internet,
you would need the vehicle to be able to do anything in the app.
And when you manage to hack that,
the worst thing which can happen, is that the data for one day might be lost.
That risk is known and all are fine with that.
++++++
I am now looking how to login using the QR information and directly open the view.
I also thought about using an anonymous view.
Might be possible, because I have the encrypted information from the QR code and with that
I can set all needed constraints on runtime.
But there is still the question how to open the view via URL, passing all encrypted parameters.
That’s the whole story why I opened this topic.
KR
Roland