Skip to content

Login

Registered users can login to establish their identity with the application using the API below. The login operation requires two properties: one marked as user identity and the second is password. Backendless automatically assigns the "AuthenticatedUser" role to all successfully logged in users. The role can be used to differentiate access to various resources (persistent objects, messaging channels, files) between authenticated users and guests.

Method:

Future<BackendlessUser> Backendless.userService.login(String login, String password, [bool stayLoggedIn]);

where:

Argument                Description
login a value for the property marked as identity.
password user's password
stayLoggedIn requests to store the user's login information so the login form can be skipped next time the user launches the app.

If the stayLoggedIn argument is set to true, use the following API to check if the application has the user login information from the previous runs of the application:

Backendless.userService.getUserToken().then((userToken) {
  if (userToken != null && userToken.isNotEmpty) {
      // user login is available, skip the login activity/login form 
  }
});

Errors

The following errors may occur during the Login API call. See the Error Handling section for details on how to retrieve the error code when the server returns an error.

Error Code
Description
2002
Version is disabled or provided wrong application info (application id or secret key)
3000
Login has been disabled for the user account.
3001
Missing login settings, possibly invalid application id or version.
3002
User cannot login because Multiple Logins disabled and there is a logged in user for the account.
3003
Invalid login or password.
3006
Either login or password is an empty string value.
3034
User logins are disabled for the version of the application.
3036
Account locked out due to too many failed logins.
3038
One of the required parameters (application id, version, login or password) is null
3044
Multiple login limit for the same user account has been reached.
8000
Property value exceeds the length limit

Example

// do not forget to call Backendless.initApp in the app initialization code
Backendless.userService.login(username, password).then((user) {
  // user has been logged in
});

Validating User Login

The login operation provides a way to persist the user-token on the client side so it can be used when the application is restarted. This helps in streamlining the user experience since the user of the application does not need to login again. However, when the application restarts, it needs to check if the underlying user token, and hence the user session are still valid. This can be accomplished with the API below:

Method

Future<bool> Backendless.userService.isValidLogin();

If user token is valid, objectId of the logged in user can be retrieved with the following call:

String currentUserObjectId = await Backendless.userService.loggedInUser();

Subsequently the BackendessUser instance can be obtained with the following API:

Backendless.data.of("Users").findById(currentUserObjectId);

Example

Log in a user first. Make sure the stayLoggedIn argument is true.The value of true persists the information about the login for the use by subsequent starts/sessions of the application. Then, check whether the login is valid - see the example below:

Backendless.userService.login("batman@backendless.com", "superm@n", true).then((user) {
  Backendless.userService.isValidLogin().then((response) {
    print("Is login valid? - $response");
  });
});