I'm implementing an Android app using Firebase (Authentication and Realtime Database).
Unfortunately, even if data can be encrypted in some way, I'm still looking for some methods to hide data shown in the Firebase Console (authentication tab).
In fact, in order to be compliant with the GDPR, the registered users should not be identifiable at all. Instead, I can read the list of the emails of all registered users ( currently, it's only me :-) since the app is still under development ).
How can I solve my problem?
Many thanks in advance
Related
I want to get User Data from firebase, I need the diplayName of a User. is there any way to get the displayName of a other user with his uid?
There is no way to look up information about another user in Firebase Authentication by using the client-side SDKs of Firebase, as that would be a security risk.
There are two common ways to allow searching the users in a secure way:
Write information about each user to a database (such as Cloud Firestore or the Realtime Database) when they register, and then search the database when needed. That way your code controls what data gets written and thus is searchable.
Firebase has Admin SDKs that run in trusted environments, such as your development machine, a server you control, or Cloud Functions. These SDKs have options to list users, which means you can search them. If you wrap one of the Admin SDKs in a custom API that you build and secure yourself, you can then call that from your Flutter code.
Also see:
React native firebase authentication searching
You can't get the name, or any other details of a user that is not currently signed in using FirebaseAuth.
Instead, you must create a node in your database where you store the name, and any other necessary details by querying the database.
So my current flutter project has all users logged in with only google accounts.
Is there a way to query for user UIDs with the user's gmail or google username?
Another followup question:
I can't seem to find a clear documentation for firebase for flutter specifically, is there something like this out there?
There is no way to query across the users in Firebase Authentication from the client-side SDKs, as that would be a security risk.
If you want to allow users to find other users, the two most common approaches are:
Store information about each user in the database (typically either Realtime Database or Cloud Firestore), and search across that.
Wrap the relevant parts of the Admin SDK in a Cloud Function, and call that from your app.
While the second may sound simpler/more common at first, using a database is actually by far more common with Firebase and allows more flexibility for relatively low complexity.
I have a small question about managing data between Firebase Authentication and Firestore.
For example:
The Firebase Authentication API stores the email of the user.
But we also use Firestore to store the other details about the user.
So the question is...
Should we also store the email on Firestore ?
I feel that a duplicate data is never a good idea. But having the email directly in Firestore should be faster and easy to access.
Thank you
I feel that a duplicate data is never a good idea.
When working with NoSQL solutions I'd highly recommend letting that feeling go. Read NoSQL data modeling and watch Getting to know Cloud Firestore for more on this.
One of the things you'll learn from that is that your data model will typically evolve for the use-cases your app needs. For example, if you want to allow the user to see or search all email addresses, that functionality is not standard available in the client-side Firebase Authentication SDK. This means you have a few options to build this functionality for your users:
The server-side Admin SDKs of Firebase Authentication do have the option to look up the email address for a user, or to list users. So you could wrap this functionality in an end-point you create and secure (for example with Cloud Functions).
You can also write the user information to Cloud Firestore (or the Realtime Database) when the users registers, and then look it up there from within the app, using Firebase's security rules to ensure all access to the data is authorized.
This is just one example, and as I hope is clear, it is based on speculating that your app needs certain functionality. But it's quite common that developers store user information that is also in Firebase Authentication in a database too.
I need to see not total number of user. i only want them who are currently active (not signed out user) to my app through email and password. I want to see it from firebase console. help me please.
The Firebase Console doesn't show the number of users that are currently signed in to Firebase Authentication.
If you want to know how many users are actively using your app, you'll have to build something yourself.
Gaurav's comment about using an Analytics tool is a good hint. Even though Firebase's analytics SDK isn't available for the web, there are other analytics tools out there that would allow you to track the number of active users.
Another way is to write some information to a cloud database each time a user takes an action in your app. Then you can query that database to determine how many unique users recently took actions. That is actually pretty much what most analytics packages to. :)
A final option would be to use the Firebase Realtime Database's presence system, which uses a more active approach to detect how many users are currently connected to the database.
I'm starting with Firebase, and basically, i just want to store data in Firebase, and user from my app will only do a read only. From what i read so far, it seems that firebase only works with authentication, and i've read about anonymous authentication. But i don't see the advantage of being authenticated anonymously, since basically the user will never be upgraded to "permanent" user.
All i want is the user use my app (and only through my app) to get data without needing to authenticate.
What is the best way to achieve this ? Do i create a username and password, and use this for everyone in my app ?
Do i stay with anonymous authentication ? Since i will at first use the Firebase Spark Free, and it says that only 100 simultaneous connection for realtime database, do each creation of anonymous authentication will be considered as opening a connection all the time, thus limited my app to 100 connection/user only ? Is there a limitation for Spark Free in terms of anonymous connection ?
Thank you
You can use Firebase without authentication. Some of the Youtube tutorials on the official Firebase channel even go as far as to show you how to disable authentication on the Firebase Database and Storage. Only disable read authentication for production purposes.
Storage Rules.
Database Rules.