[英]How to check if Google Play Subscription is active on client-side or server-side
Basically what I want is to be able to check the linked subscription in the user account (firebase auth with firestore) is active even if the user signed in using an iPhone or a Web application using play developer API with firebase functions (server-side) or specific platform code (client-side) such as android kotlin.基本上我想要的是能够检查用户帐户中的链接订阅(firebase auth with firestore)是否处于活动状态,即使用户使用 iPhone 或 Web 应用程序使用 play developer API 和 firebase 功能登录(服务器端)或特定平台代码(客户端),例如 android kotlin。
More info更多信息
I'm using saving user subscription on firestore in the user account (Firebase auth) using Pub/Sub using cloud functions and I'm saving the same subscription data in local DB.我正在使用 Pub/Sub 使用云函数在用户帐户 (Firebase auth) 中保存用户订阅到 firestore,我在本地数据库中保存相同的订阅数据。
What I tried我试过的
To check the linked subscription in the user account is active, I'm checking that expiryTimeMillis is after the current date or autoRenewing is enabled:要检查用户帐户中的链接订阅是否处于活动状态,我正在检查expiryTimeMillis是否在当前日期之后或是否启用了自动更新:
suspend fun isPremiumActive(userId: String): Boolean {
val userSubscriptionData = localDB.getUserSubscription(userId)
if (userSubscriptionData == null)
return false
else
return Date(userSubscriptionData.expiryTimeMillis).after(Date()) ||
userSubscriptionData.autoRenewing
}
but using java Date
has a lot of downsides since it's affected by device date .但是使用 java
Date
有很多缺点,因为它受设备日期的影响。
I thought about using the server timestamp but that would be hard since user subscription is subjected to timezone (as far as I know).我考虑过使用服务器时间戳,但这很难,因为用户订阅受时区限制(据我所知)。
So is there any other way to check if the subscription is currently active?那么有没有其他方法可以检查订阅当前是否处于活动状态? Am I missing out on something?
我错过了什么吗?
Some use-case一些用例
User may sign in (in the app using firebase auth) and that account has a linked subscription so I'm expected to serve premium features if the linked subscription is valid even if the device doesn't have the same account to pay a subscription or even the user is using an iPhone, so that's why I can't call:用户可以登录(在应用程序中使用 firebase 身份验证)并且该帐户具有链接订阅,因此如果链接订阅有效,即使设备没有相同的帐户来支付订阅或甚至用户正在使用 iPhone,所以这就是我不能打电话的原因:
billingClient.queryPurchases()
Update更新
Does this typescript code considered safe to check subscription is active?这个 typescript 代码是否被认为是安全的,可以检查订阅是否有效?
const serverTime = admin.firestore.Timestamp.now().toDate()
const subscriptionTime = new Date(subscripton.exipryTimeInMilis)
if (subscripton.autoRenewing || subscriptionTime > serverTime)
console.log(`subscription is active`);
You're very much on the right track, but you're off on one subtle point:你走在正确的轨道上,但你偏离了一个微妙的点:
I thought about using the server timestamp but that would be hard since user subscription is subjected to timezone (as far as I know).
我考虑过使用服务器时间戳,但这很难,因为用户订阅受时区限制(据我所知)。
This isn't quite correct.这不太正确。 The
expiryTimeMillis
is defined in milliseconds since the Epoch (also known as Unix timestamps ), which is independent of time zones . expiryTimeMillis
定义为自 Epoch 以来的毫秒数(也称为Unix 时间戳),它与时区无关。 As the linked article notes, the Unix epoch is 00:00:00 UTC on 1 January 1970. That same time is 4:00:00 PM December 31, 1960 Pacific Standard Time, but both of those times in their respective time zones have the same timestamp : 0
.正如链接文章所指出的那样,Unix 纪元是 1970 年 1 月 1 日的 00:00:00 UTC。同一时间是 1960 年 12 月 31 日太平洋标准时间下午 4:00:00,但这两个时间在各自的时区都有相同的时间戳:
0
。
Your intuition, therefore, is correct: You should check this on the server side, using the server's timestamp .因此,您的直觉是正确的:您应该使用服务器的时间戳在服务器端进行检查。 Any attempt to check on the device will be unreliable for exactly the reasons you describe: it's subject to the device's time and whatever shenanigans the user might engage in with their device's time, whether it's traveling forward in time to get more gemstones in their favorite game, or traveling backwards to try to extend an expired subscription (maybe yours.).
由于您所描述的原因,任何检查设备的尝试都是不可靠的:它取决于设备的时间以及用户可能使用他们设备的时间进行的任何恶作剧,是否及时向前移动以在他们最喜欢的游戏中获得更多宝石,或向后移动以尝试延长过期的订阅(也许是您的订阅)。
This will also solve the problem of checking if the device isn't signed into the Google account with the subscription, or using an iPhone, because you can associate the account in your system with the subscription in your backend.这也将解决检查设备是否未通过订阅登录 Google 帐户或使用 iPhone 的问题,因为您可以将系统中的帐户与后端的订阅相关联。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.