I'm using the in-app-purchase package for my Flutter app. There is one non-consumable in app purchase in my app. Each user creates a user account (using Firebase Authentication). A user can be in a group with several other users who need to know if any of the other users have paid or not.
My idea was the following: After a successful purchase I wanted to store purchaseDetails.purchaseID in the database (using Firestore). If the user then logs in to their user account on a different phone for example, they would not have to restore a purchase. Then I would already know that the user paid.
Additionally I would still implement a restore purchase button.
My problem is this: When I restore a purchase, I get a different PurchaseId than before. Even if I try to buy again (and the App Store tells me that I've already bought this item), I get a different PurchaseID afterwards.
So it would be possible for a user to create an account and buy the app. Then create a new account in my app and click on restore purchase. Then I have two accounts that are listed as paid in my database, although only one was paid for. You could repeat this as often as you like and give away the new accounts to family and friends for example.
Is there a possibility that I get the same ID every time? It doesn't have to be the PurchaseID. Maybe there is something else I could save instead (the app store userId?) or there is a completely different approach to solve my problem?
When I worked with subscriptions in the past, I used revenueCat. There it was possible to always get the same id from the same App Store or Play Store user to avoid this problematic. I could probably do that now too. But I would actually prefer not to use revenueCat if it is possible.
If you add the following import:
import 'package:in_app_purchase_storekit/in_app_purchase_storekit.dart';
it is possible to check if the purchaseDetails is an AppStorePurchaseDetails object. Then you have the possibility to get the original purchaseID via the original transaction.
var purchaseID = purchaseDetails.purchaseID;
if (purchaseDetails is AppStorePurchaseDetails) {
final originalTransaction = purchaseDetails.skPaymentTransaction.originalTransaction;
if (originalTransaction != null) {
purchaseID = originalTransaction.transactionIdentifier;
}
}
With Google you always get the same purchaseID anyway. It is therefore not necessary to take any further steps here. According to the documentation, you could also use the token (purchaseDetails.verificationData) instead of the PurchaseID as the ID or as a primary key.
purchaseToken is globally unique, so you can safely use this value as a primary key in your database
You can also get additional information from Android by adding the following import:
import 'package:in_app_purchase_android/in_app_purchase_android.dart';
For example, you can check whether a subscription is automatically renewed.
if (purchaseDetails is GooglePlayPurchaseDetails) {
if (kDebugMode) print('isAutoRenewing: ${purchaseDetails.billingClientPurchase.isAutoRenewing}');
}