How to disable firebase logging or change the loglevel to min in flutter?
example of logs
[FirebaseAuth: ] getGoogleApiForMethod() returned Gms: com.google.firebase.auth.api.internal.zzaq#7862a17
D/FirebaseAuth( 6895): Notifying id token listeners about user ( Wr5ZryMbjqezcexb2a1KWt0W05C3 ).
W/Firestore( 6895): (21.3.0) [FirestoreCallCredentials]: Failed to get token: com.google.firebase.firestore.FirebaseFirestoreException: getToken aborted due to token change.
I don't think there's a way to change the log level directly from your Flutter code.
But you can open the native runner app for Android, and change the log level there.
For example, for Firestore you'd call setLoggingEnabled, as also shown here: How to set log level for Firestore?
I'm actually not sure if the logging from Firebase Authentication can be disabled, but that should typically be a lot less (mostly on app startup, and then every hour when it refreshes its ID token).
Then when you rebuild the Android app, it will use the new settings, and you can continue writing the rest of your code in Flutter.
Related
I use Firebase Firestore and Firebase Authentication in my project.
I am testing out what would happen if I go into firebase console and manually click the "Disable account".
I would expect that if the account is suspended, the authenticated user (test#mail.com in this case) will immediately receive error whenever a Firestore database is called (eg. getDocs(q) or setDoc()). The reason behind this assumption is that I assume Firestore tries to authenticate each call before doing CRUD.
However, after testing out, here is the test and result
Login user (test#mail.com)
Do a db read or write ensure everything works which it does
Go to firebase console and disable the account (test#mail.com).
Try to do another db read or write. The result here is that I was able to still read and write which is not what I expected.
So here are my questions
Is this a normal behavior?
Can I write Firebase security rule to overcome this issue?
It would be less idea if I have to check if user is logged in everytime I do a firestore call. But if that is what I have to do, how can I do that. I believe getAuth()and onAuthStateChanged is not really suitable in this case. Reason being getAuth() seems to only check the database the first time it is called. Any subsequence call it only checks the app memory and do not perform any network request at all (Verified by looking into console network tab). Which is kinda weird. And onAuthStateChanged does not listen to firebase state change, it only listens to if my app logs a user in or out.
Abit of background on what I am trying to achieve
I want to be able to lock a user out from my app by changing something from the db. And ideally not having to PING every few second .
Update:
It seems like it takes about 1-2 hour for my app to automatically recognise that the account has been disabled. It took takes alot longer than what I anticipated. I would still like to know if there is a better solution rather than wait though.
Firebase Authentication works with a combination of long-lived refresh tokens and short-lived ID tokens. The latter tokens are valid for one hour from the moment they are minted, and cannot be made invalid after they are minted.
So it may take up to an hour before your client gets a new token, and detects that its account has been disabled. You can force the client to update its ID token at any time by calling getIDToken(true). This will ensure the client has an updated ID token, but it won't invalidate the older ID token (since it's impossible to invalidate a bearer token).
What you'll want to do is write the UID or ID token to your database when you disable the user account, and then check for that in your security rules.
Also see the Firebase documentation on detecting token revocation.
We are using firebase phone authentication to authenticate our users. We've been using it for over a year now.
Today at 13:00 GMT, new users are receiving 17028 An invalid safety_net_token was passed after entering their phone number.
I tried to verify each of the causes I found on the firebase docs:
Verifying the SHA1 and SHA256 on the firebase console (We use the fingerprints that are on the play store console)
Verifying the package name
The last app update was on October 1st and since then thousands of users created an account with Firebase Auth and there were no configuration changes on the firebase console.
Upon looking at other StackOverflow questions, the error we are getting is not the same as 17028 A safety_net_token was passed, but no matching SHA-256 was registered in the Firebase console. Please make sure that this application's packageName/SHA256 pair is registered in the Firebase Console Even though it is the same error code, in our case, it says an invalid token was passed.
We are using firebase with react-native-firebase module.
EDIT: After disabling Android device verification API from Google Cloud Console the verification is now working but with no device verification. (Users have to verify they're not robots with a CAPTCHA).
Update: It is working fine now, and the outage has been fixed.
It looks to be a firebase internal issue, and the only solution now is to disable "Android Device Verification" and all your users will see the Recaptcha page.
check
https://status.firebase.google.com/
https://status.firebase.google.com/incidents/TYeQBVB4kkzyk2kE8vbP
What is the correct way to invalidate a firebase token on react-native-firebase when user logs out?
Firebase's deleteInstanceId isn't available in react-native-firebase.
In the Github issues, the following method was suggested: firebase.iid().delete()
However, after using this method once, I wasn't able to get the user to continue receiving notifications (using a newly generated firebase token) -- and the only way to start receiving firebase messages again, was to delete the app
This behavior happened on both iOS and Android.
The reason I want to invalidate the token upon logout -- is to make sure that this device will not receive notifications that are only intended for the user to see when logged-in
I have an odd problem, which I'm hoping is either a misunderstanding on my part or a misconfiguration somewhere.
I am trying to use the Firebase Firestore web sdk to retrieve data. When I make read calls to Firestore in my webapp as an un-authenticated user, the reads return fine, as expected.
However, when I'm logged in as a user (either email/password auth or Facebook auth), I get an error:
Could not reach Firestore backend.
When I set the logging level to debug, I see this:
Firestore (4.8.1) 2017-12-24T01:08:15.146Z [PersistentStream]: close with error: FirebaseError: [code=unknown]: Fetching auth token failed: Cannot redefine property: refreshToken
Which seems highly related.
Has anyone else encountered this or have a sense of what may be going on?
Thanks!
I've been having some problems with the "reauthenticateWithCredential" method.
I need to be able to delete a user from my application and erase some database nodes with user's data.
The problem is, whenever I call "reauthenticateWithCredential" and receive a positive promise, all future attempts to access my firebase database are simply ignored...no logs or permission errors are shown on the browser console.
I've tried signing the user again, calling other functions outside of the reauth function, restarting Firebase after the reauth but none of these worked.