QRCode scanner prevent misuse on menu app - react-native

So I'm working on a react native expo app ,which deals with touchless menu where a QRcode is placed on the table and you can scan it and start ordering in a restaurant ,I came across a scenario where the user can scan the QR code and go home and still able to place an order or if he makes a note of the scanned QR code via mobile camera he can again place an order without being in the restaurant .
So my point is how do I prevent a user from misusing the QR code ,what steps I should take in order to prevent this scenario from happening ,I searched various platforms and couldn't find a proper answer.
So I just need the workflow I don't need any code
Thanks in advance

The only possible way to implement a location restriction for a user is to get their permission to use their location, which in some cases a malicious user may be able to forge and still get access.
There could be monitors inside the restaurant to show a unique code which every user has to enter to get access to the menu, but again, that can cause more harm than good and be a hell to implement!

Related

Moodle - Any way to get Access logs without plugin or direct DB?

As an instructor, I want to be able to visualise a number of aspects of when my students are accessing my courses and materials. My institution refuses to give me DB access, and won't let me install a plugin. Is there any way I can pull this data? I could easily do it with a few lines of code in Canvas, so using moodle feels like stepping back in time. I've been exploring developing an LTI app as an option (I've got the demo LTIJS app working) Any ideas?
You can access user logs in a course by going to Participants then click on the user you want to track and you will be taken to their course profile. From there, you can choose any option in the "Reports" section. You will need to have the proper capabilities. The reports shown in the screenshot are from a site admin account.

Is it possible to avoid collecting specific data in Sentry?

when I’m in a sentry issue description page I can see some information collected by the sentry service and I’d like to avoid collecting them to avoid privacy issues.
The information that I’d like to not see are: app.device and user id as you can see here:
Is it possible? I’m concern about new apple privacy restrictions. I don't know if I understood them correctly, but it is necessary to explain to the user, using a pop up or something similar, that the app is using a third party software to collect data about "app crashing" and "app performance". Giving to the user the possibility to choose to not collect those data would bring to developers a lot of headaches.
I searched in all project settings and documentation but I found only a way to hide certain tags/data but the point is not hiding information, but not collecting them at all.
Thanks
The 'user.id' that Sentry creates is not an identifier that can be used to track the user across apps or devices. It's a random id created when the app runs for the first time and it's sent with all errors that happens.
The sole goal of this ID is to give the developer an idea of how many different users are affected by an issue. The developer (owner of the app) doesn't know exactly who the user is and if that same users reinstalls the app, a new id is generated so technically Sentry would report all new errors as a new user. Which is fine given the goal is to give an approximation of impact of an issue.
Developers might focus on issues that affect more customer than not.
That said, you can strip data in many ways. Through the SDK or in Sentry itself.
If you drop data in Sentry, that is done before the event is written to disk.
Sentry's documentation talks about Scrubbing Sensitive Data here.
Doing it on the SDK side, for example for React Native, you could do:
Sentry.init({
dsn: "https://examplePublicKey#o0.ingest.sentry.io/0",
beforeSend(event) {
// Modify the event here
if (event.user) {
// Don't send user id
delete event.user.id;
}
return event;
},
});
There's also a page talking about Data Privacy in the context of Google and Apple:
https://docs.sentry.io/product/security/mobile-privacy/

Logic for parking payment

I want to create an app for faster payment of parking.
This question is more about logic of my app, and what tools I need to use about creating it.
At this point, I use a parking place every day and I pay for it through the web page.
I do it like this.
Login to page.
click on the menu and it redirects me to www.parkingexample.page/payments
there is a search menu and I enter my car plate number if my car is found it returns me how much I need to pay, and "Pay" Button appears.
I click "Pay" buttons and then it's all done.
So my goal is to create an app that when I start it will automatically connect to the page and will search for my plate and if found and payment is needed there would be just one button "Pay"
So I think I should do it like this, but as I haven't created any web app(I'm 100% back-end developer) I ask you is my thought process is correct.
And also I don't want to use WebView as I think it's not necessary for me.
When I start my app it sends "POST" request to page to login.
Then I send 'GET' request to www.parkingexample.page/payments with params = 'mycarspaltenumber'
Somehow I need to click on PAY button on page when it appears so I think it's probably again 'POST' request, but at this point, I'm not sure.
So a QUESTION is, is my logic valid? or it can be done in some other way?
UPDATE. ADDED SCREENSHOTS
First Screen shoot this is the menu after I logged in with the search bar where I need to enter my card plate.
Second screen is where I found my car(Entered plate number and clicked search)
and now the page is updated with sum I have to pay and there is a button "PAID" in the bottom right corner I need to click.
And that's all i need.
To validate whether your suggested sequence is correct I would start by capturing your typical browser session between yourself and your parking provider with something like Fiddler. Then I would use HTTP client library of choice (for C# it would be something like HttpClient) and emulate the same flow with correct headers, query parameters and such like.
Looknig at your screenshots it seems the application is ASP.NET Web Forms, which can get a bit painful to emulate due to way its state management works: you will likely need to decode View state object (to ensure you're passing it back correctly) and locate all dynamic field ids that it uses for postbacks. This however is very doable.
If you discover that the above is too hard to emulate (or there's javascript involved) it might be easier to explore Remote Selenium WebDriver coupled with a headless browser like PhantomJS. You'd then have your PhantomJS interact with the page on your server, and you'll drive it with your mobile app. Basically you'll reduce the complexity of your parking provider page to a well documented API.
Hopefully that gives you a starting point
In your application, all that you will need is services call and the security part of logging a new user everytime to check for payment.
So It will be a simple spring-boot application, where you can use the security part for logging, and you can exactly use the simple way , for example you don't need to have a database, just to redirect your page, and if you are not familiar to front-end framework, you can use a basic html-css pages for client side.
Another important point, you should start by designing your application, before coding, because it's very important to know all the ideas behind your application.
Enjoy your doing time!

React-Native get location history

Is there a way to get locations history, or at least have a service to track if user visited certain location.
We want to try to track if the consumer will re-enter the location, even when app is closed.
Starbucks does that (when you're near Starbucks cafe, they send special deals based on that specific Starbucks cafe)
There is a Frequent Locations in iOS, how to get that in react-native?
Update:
Watching location is not the case, as it requires app to be active
You can use geolocation to listen to a user location. Whenever he enters the location you want, you can trigger a function to do whatever you want.
You can find more details of how to implement it in the official docs:
https://facebook.github.io/react-native/docs/geolocation.html
Hope it helps.
Your answer is Geofences. Geofences are an easy way to create an area and check if user has entered, exited and stayed or not. The app works in "terminated" mode as well provided that it has required location permission.
For iOS, you can use the Geolocation framework. I'm hopeful that react-native has a library to use that framework. If not, you can write native code and use it by building native module.

First Startup on a vb app

I want to make an app which you make a password and username and use it for the app but I only want this screen to open the first time you load the app so after the first load it goes right to the login screen
sorry I am a complete n00b at vb
I am using vb.net
I do not know how do any thing like store info nor am I knowedgable about SQL servers
I have basic knowlegde but not enough
this is not going to be a full blown app I am just trying to learn some new skills
so I am not going to worry about making new passwords or usernames and storing them for each individual user
I was just hopeing on learning how to make a login screen of some sort
THIS IS FOR EDUCATION PURPOSES ONLY THIS IS NOT GOING TO BE PUBLISHED
Just store the information is the users profile or a known directory (encrypted of course) and then look for it before the showing the dialog. If its there, just read the info.