Seeking some thoughts here. When someone launches my mobile game for the first time, I would prefer they get into the gameplay first before having to worry about "signing up".
I think this provides for a better user experience as you can instantly jump into gameplay. Firebase supports anonymous accounts and saving progress against anonymous accounts, which can later be converted to an actual account (e.g linking their google or facebook accounts to their anonymous account) while retaining their game progress.
Does anyone have any thoughts on this approach or is it better to force a user to decide at app-launch to make a choice between creating an anonymous account or registering using google / facebook / email / etc?
Cheers
Kevin
This is actually a very similar use case to what it often pitched to web developers using Firebase:
For a shopping app, you'll often let a developer go through the shopping flow and finish checkout. When checkout is complete, you then "promote" their account to a full account so you don't bounce a customer out during the critical flow.
For a game, not only do I love this anonymous account flow (play now, then "upgrade" for any social features you need), but I think you can get a really cool natural flow going on. For example, if you were making tic tac toe, you could use a dynamic link to invite your friends to play against you. This link will usually persist across app installation (iOS and Android, although it's a little flakier on iOS) so the player you invite can jump right into the game you're playing using Anonymous Auth to seamlessly create an account.
There are two considerations you need to make though:
You're still storing user data if you pair Realtime Database with an anonymous account. I am not a lawyer, but if your region has strict privacy regulation you will want to talk to one.
The merging an anonymous account into a "full" account process does have some non-trivial edge cases. What do you do if the player already has a full account (obviously, you have to merge the data. But you'll have to do it by hand as there's no game-agnostic way for Firebase to do it for you)? What do you do if a different user claims the same email address when you promote your account (you'll need to throw one out, and there are rules for resolving which has the stronger claim to the name)?
2 is a little complicated also by the current architecture of the Firebase auth SDK as well. All of the C# objects are pointers to C++ objects under the hood. The "current user" was bound in a way that it references a global singleton on the C++ side representing user data. This has the unfortunate side effect that you can't cache a user data on the C# side in the case of a user entering their credentials incorrectly when "upgrading" an account (usually manifesting itself in having to re-enter a username/password and maybe losing cached data). This bug is actively being tracked (I believe it's a side-effect of this one), but in the near term it just means that you probably want a good way to either re-upload local data (assuming you'll lose access to the DB node once you drop the anonymous account) or you'll want to avoid persisting any user-specific data before migrating a player to a "full" account (probably a consideration I'd have with current privacy regulations anyway).
I was testing my login/sign up feature and for some reason I can't understand Firebase now is blocking all requests from my device.
I've waited one day to try again, but I still have the same problem.
ERROR:
"We have blocked all requests from this device due to unusual activity. Try again later."
What should I do to have access to my database again?
If you use Phone Authentication, Here is what to do:
Go to Firebase Console
Authentication ==> Sign-in-method
Go to "Phone" and pop-up will show
Add your phone number at "Phone Numbers for testing" along with a verification code from your choice.
And it works now :)
One of the possible solutions:
Go to your Firebase console -> Auth -> Users table
Locate the user you are testing.
Delete this user.
Retest.
I contacted firebase support and received this message:
The error "We have blocked all requests from this device due to
unusual activity. Try again later." is usually thrown when a user is
making SMS authentication requests to a certain number of times using
the same phone number or IP address. These repeated requests are
considered as a suspicious behavior which temporarily blocks the
device or IP address.
Additionally, there's a limit of 5 SMS per phone number per 4 hours.
With this, you may try doing the following to resolve the issue:
Reduce the frequency of attempts to avoid triggering the anti-abuse
system Try using whitelisted phone numbers for testing your app
Use multiple testing devices (as the limits are applied per IP or
device) Wait for an hour for the quota to lift
I tried to increase the quota as per #lhk answer but there answer is the
following:
You also mentioned that you have increased the quota to
1000 but it didn't work. Do note that this "Manage to sign up quota"
field is intended for Email/Password and Anonymous sign-ups.
I've run into the same problem.
By default (for the free plan), firebase caps sign-ins to 100 per hour, per IP-address.
This broke our automated testing. You can change the setting like this:
open console
open your project
go to "authentication"
go to "sign-in method"
scroll down to "manage sign-in quota"
That's it. Currently the maximum setting for this quota is 1000 per hour
.
This is one of many quirks that I am running into. While Firebase seems to be a nice framework/product/service, at the moment it doesn't seem to be totally ready for broad production deployment yet. In this case I only used one particular (fake) user for testing/debugging and only after just a few attempts (probably no more than 10 sign-ins), I ran into this issue. The funny thing is that my tests delete the fake test-user after each run so I couldn't see any user in my auth user table afterwards. The solution for me was to manually add that user via the "ADD USER" button and then delete it. I think they should have (at least as a workaround) a definable user that is for testing/debugging, who is not subject to this restriction, if they really feel they have to have such a (low) limit.
I have added my phone as a test number in the Sign-in method tab.
Actually this error occurs when your quota limit is exceeded.
Just add your number and testing OTP to get it worked.
Note: The testing number will not get any message of OTP as we already
defined static OTP code.
See my answer at https://stackoverflow.com/a/39291794/18132
I went into firebase > Authentication > sign-in method > google and added my client id to the whitelist.
I managed to get this working straight away by resetting the users password.
Steps are as follows:
Go into your admin console, Authentication, Users
Locate the user
Click on the menu dots in the far right hand column
Choose reset password, then click ok
Follow the steps in the email when it comes through
The error "We have blocked all requests from this device due to unusual activity. Try again later." is usually thrown when a user is making SMS authentication requests to a certain number of times using the same phone number or IP address. These repeated requests are considered as a suspicious behavior which temporarily blocks the device or IP address.
Additionally, there's a limit of 5 SMS per phone number per 4 hours. With this, you may try doing the following to resolve the issue:
Reduce the frequency of attempts to avoid triggering the anti-abuse system Try using whitelisted phone numbers for testing your app Use multiple testing devices (as the limits are applied per IP or device) Wait for an hour for the quota to lift
Add that number of yours to Firebase as a tester. This way you can test it as many times as you can.
Else multiple requests from one number to a project. Firebase deals it as a hacker and blocks it.
Add your number as Tester as:
Go to
-> Firebase Console -> Authentication -> Sign-in-method -> Edit Phone -> Phone numbers for testing (optional)
Add your phone number and verification code of your choice and that number will then work.
You will not get verification code from firebase, but you can give the verification code you set as a tester and can login through phone
One of the causes can be sending too may verification email to a user's email within a short duration of time. Try adding a duration timer and check if the verification message has been sent within the time duration.
If you are doing tests a better way to go about it is to add the phone number as a test number Authentication > Sign in method > Phone. Then add the test number + the verification code you'll use
I was facing the same issue and I solved this problem by Buying Blaze plan. This blocking seemed like a security measure on Firebase's side.
If you are using Firebase for development purpose, buying the Blaze plan won't cost you any thing as it has the same quota of free services offered in Spark plan.
Also, setting up Firebase Auth test phone numbers should help.
Per https://firebase.google.com/docs/auth/ios/phone-auth#test-with-fictional-phone-numbers:
Test with fictional phone numbers
You can set up fictional phone numbers for development via the Firebase console. Testing with fictional phone numbers provides these benefits:
Test phone number authentication without consuming your usage quota.
Test phone number authentication without sending an actual SMS message.
Run consecutive tests with the same phone number without getting throttled. This minimizes the risk of rejection during App store review process if the reviewer happens to use the same phone number for testing.
Test readily in development environments without any additional effort, such as the ability to develop in an iOS simulator or an Android emulator without Google Play Services.
Write integration tests without being blocked by security checks normally applied on real phone numbers in a production environment.
Fictional phone numbers must meet these requirements:
Make sure you use phone numbers that are indeed fictional, and do not already exist. Firebase Authentication does not allow you to set existing phone numbers used by real users as test numbers.
One option is to use 555 prefixed numbers as US test phone numbers, for example: +1 650-555-3434
Phone numbers have to be correctly formatted for length and other constraints. They will still go through the same validation as a real user's phone number.
You can add up to 10 phone numbers for development.
Use test phone numbers/codes that are hard to guess and change those frequently.
Create fictional phone numbers and verification codes
In the Firebase console, open the Authentication section.
In the Sign in method tab, enable the Phone provider if you haven't already.
Open the Phone numbers for testing accordion menu.
Provide the phone number you want to test, for example: +1 650-555-3434.
Provide the 6-digit verification code for that specific number, for example: 654321.
Add the number. If there's a need, you can delete the phone number and its code by hovering over the corresponding row and clicking the trash icon.
I just have a general question. Can you send a url from a button on the band. I have a home automation system that you can trigger events by sending a RESTful url (endpoint) to. Basically I can put the url in any web browser and trigger the event. It would be great if this could be done through the Band. I don't really need a response from the Url, just to send it.
Does that make sense?
Thanks,
Scott
No, the Band communicates only via Bluetooth to (applications on) its paired device. On Windows (Phone), the application must be running, with a connection to the Band, and subscribed to the Tile button pressed event in order to receive such notifications. This generally rules out scenarios that require ad-hoc input from the Band unless you're willing to use voice commands via Cortana.
But i think its possible by creating custom tile and handling custom tile events. Haven't tried it in my project but can see from sdk documentation.
For android you can implement broadcast receiver and listen to tile events. Check: sdk doc
Chap 9, page 51
In short, yes it is possible.
However, the problem would be that the button would be single use to only send that ONE URL command and it actually wouldn't be done via the Band.
You can create custom layouts for your applications with the Microsoft Band SDK which will allow you to create a button. You'll then need to register to the click event from the Band which then would get fired on the device the app is running on. From there, you'd be able to send the URL but it would be sent from the Windows Phone or Windows PC rather than the Band so you'd need to be connected. The documentation covers how you can do this here: http://developer.microsoftband.com/Content/docs/Microsoft%20Band%20SDK.pdf
A downside to doing this with WinRT is that as soon as the app is closed and the connection to the Band is lost, your button click won't have any action. The best way to get around this is to create the connection to the Band in a background task but unfortunately, you can't keep hold of the connection to the Band for an infinite amount of time and you'd have to live with the possibilities that you may have times where it doesn't work. I have a GitHub sample which shows you how to connect to the Band in a background task for an indefinite amount of time.
The Microsoft Band has really been developed for the Health aspect and collecting data rather than interactions with other apps which it does in some way support.
When I receive a push notification in my j2me application it shows its built-in message at start, what I want to do is to place my own message say "Do You Want to Launch App?" when a notification of invoking application is received! How to change it?
It is unlikely that application developer would be allowed to do stuff like that in the real phone, and here's why.
This functionality is a part of security sensitive features (if you're interested in details, check documentation like The Recommended Security Policy for GSM/UMTS Compliant Devices).
If this would be allowed, malware applications could transform not just wording but the very meaning of a standard system message, thus tricking user into doing something wrong.
For an example, imagine an application doing tracking of user location, or sending paid SMS, or something similarly sensitive to one's privacy or budget, having mentioned message changed to:
Click Yes to win million dollars.
As a phone user, the last thing I would want of my device would be to allow tricks like that.
I am new to flex but my first app is a little bit more pro than you would expect form a rookie. I would like to record sound that is currently played on the local computer (i.e. form winamp or youtube). I saw some codes that use the microphone, but this is undesired. The client machine may not have a microphone hardware or may play the sound on headphones. I think this must be possible but may be not a common task so that's why I can't find the solution? Can any one help?
I believe the user of your app has to select their "input device" and allow access for the Flash web baesd app to access that input device. But, once they do the choosing, you should be able to access that Audio feed using the same microphone APIs.
bring up the Flash Player context menu and select settings. then click the microphone tab. You should see a list of all possibly options. at this moment, one option I have is "Stereo Mix" which I'm pretty sure will send out all the info from the computer.