page.title=Remembering Your User parent.title=Remembering and Authenticating Users parent.link=index.html trainingnavtop=true next.title=Authenticating to OAuth2 Services next.link=authenticate.html @jd:body
Everyone likes it when you remember their name. One of the simplest, most effective things you can do to make your app more lovable is to remember who your user is—especially when the user upgrades to a new device or starts carrying a tablet as well as a phone. But how do you know who your user is? And how do you recognize them on a new device?
For many applications, the answer is the {@link android.accounts.AccountManager} APIs. With the user's permission, you can use Account Manager to fetch the account names that the user has stored on their device.
Integration with the user's accounts allows you to do a variety of things such as:
Applications typically try to remember the user using one of three techniques:
Option (a) is problematic. First, asking the user to type something before entering your app will automatically make your app less appealing. Second, there's no guarantee that the username chosen will be unique.
Option (b) is less onerous for the user, but it's tricky to get right. More importantly, it only allows you to remember the user on one device. Imagine the frustration of someone who upgrades to a shiny new device, only to find that your app no longer remembers them.
Option (c) is the preferred technique. Account Manager allows you to get information about the accounts that are stored on the user's device. As we'll see in this lesson, using Account Manager lets you remember your user, no matter how many devices the user may own, by adding just a couple of extra taps to your UI.
Android devices can store multiple accounts from many different providers. When you query {@link android.accounts.AccountManager} for account names, you can choose to filter by account type. The account type is a string that uniquely identifies the entity that issued the account. For instance, Google accounts have type "com.google," while Twitter uses "com.twitter.android.auth.login."
In order to get a list of accounts on the device, your app needs the {@link android.Manifest.permission#GET_ACCOUNTS} permission. Add a {@code <uses-permission>} tag in your manifest file to request this permission:
<manifest ... > <uses-permission android:name="android.permission.GET_ACCOUNTS" /> ... </manifest>
Once you decide what account type you're interested in, you need to query for accounts of that type. Get an instance of {@link android.accounts.AccountManager} by calling {@link android.accounts.AccountManager#get(android.content.Context) AccountManager.get()}. Then use that instance to call {@link android.accounts.AccountManager#getAccountsByType(java.lang.String) getAccountsByType()}.
AccountManager am = AccountManager.get(this); // "this" references the current Context Account[] accounts = am.getAccountsByType("com.google");
This returns an array of {@link android.accounts.Account} objects. If there's more than one {@link android.accounts.Account} in the array, you should present a dialog asking the user to select one.
The {@link android.accounts.Account} object contains an account name, which for Google accounts is an email address. You can use this information in several different ways, such as:
An account name is a good way to remember the user, but the {@link android.accounts.Account} object by itself doesn't protect your data or give you access to anything besides the user's account name. If your app needs to allow the user to go online to access private data, you'll need something stronger: authentication. The next lesson explains how to authenticate to existing online services. The lesson after that deals with writing a custom authenticator so that you can install your own account types.