I am using a prototype application using Firebase. What my Android app is doing is scanning gmail emails (My account for testing) and I want insights for example to understand when to offer meetings. When to offer new tasks to the user etc... I want the machine to really understand the emails. Basically an AI app.
So the first part of the app is scanning the body of the emails and extract the text from each email.
Second part is to upload the text to the Firebase storage for analysis.
Is there a way to integrated the Firebase with Google Cloud Natural Language API?
Or to directly connect it with the Google Cloud Natural Language API using REST?
AFAIK no direct integration with Firebase, but there's a REST API and an RPC API, and libraries for C#, GO, JAVA, NODE.JS, PHP, PYTHON & RUBY
One of them is bound to suit your needs...
Related
I read firebase is referred to as backend as a service, but in its documentation it supports Nodejs. Java, Python, Golang, etc along with Web, Android, and IOS
My question is why do we need backend if firebase itself is a backend as a service.
Incase your requirements exceed what firebase offers out of the box, firebase will still give you the ability to manage your data in programmatically.
For most use cases, you won't need your own backend. But in some cases you will for example need a custom sign-in flow, or perhaps a custom dashboard to manage firebase users. In those cases firebase gives you the flexibility to do so using the firebase admin SDK, which I believe is being referred to when they list 'Nodejs. Java, Python, Golang' as supported languages.
Checkout the firebase admin documentation here to understand what you can accomplish using it. Depending on your needs, you might not need it at all.
You may be interested to interact, from some backends that you own/control (e.g. a server in your premises), with some Firebase services hosted in the cloud in the Firebase infrastructure.
This can be interesting, for example, to integrate some of your legacy applications with Firebase.
You’ll find here and here two videos from Firebase that show some real life examples.
I'm building a production hybrid mobile app that uses Firebase/Firestore. Since it's a hybrid app, I can not use the bundle ID or HTTP referrer methods to restrict the API key (Google support confirmed this is not supported).
My worry is that anyone could decompile the app and get the API key, using it with a simple Node.js script locally, and access my database.
Node.js scripts can bypass all Firestore rules, making unrestricted API keys very powerful. So far I have been unable to find a way to restrict keys with hybrid apps, including reaching out to Google support. I'm wondering if the only way to actually achieve firebase/firestore security is to use Native apps vs. Hybrid?
Actually for ios, we are not able to restrict the google api key. But, for android we have done with HTTP referrer method only.
For android it is possible.
If you are using ionic4, Please use the same origin value whatever you set in you config.xml corresponding to you android app.
I have to build an API using Firebase, and need some help with design choices. I want to be able to sell the API to users, who can then use it to build/integrate their own applications. Users will have both read and write privileges.
General information:
I'm using Firestore db with email & password authentication.
Only specifically assigned users may use the API
Each user may only access specific documents concerning them.
I've noticed 3 different ways in which an API can be provided to a user of my Firestore db:
https triggered cloud functions (https://firebase.google.com/docs/functions/http-events)
Using the SDK (https://firebase.google.com/docs/firestore/client/libraries)
Using the REST API provided by Firbase (https://firebase.google.com/docs/firestore/use-rest-api)
API requirements:
Used only by users that I specifically grant access to (email & password login)
I want to limit these users to only a couple of read/write tasks that they're able to perform.
It needs to be safe.
My current approach is:
Use the 3rd option - the REST API provided by Firebase (thereby giving users the projectId and API key)
Add authorised users to the list of authorised accounts on Firbase, and limit access using custom claims and database rules.
My questions:
It seems that https functions (option 1) are normally used in API building. Are options 2 and 3 unsafe?
What are the normal use cases of the 3 options? When should each be used and when should each be avoided?
Are there any obvious flaws in my choice of option 3?
Any other useful information about making these design decisions will be much appreciated.
Thank you in advance
TL;DL: It depends on what you want to do with this API and how many and what type of devices/users will be calling it.
Before answering your questions I will list below the advantages of each approach:
Cloud Functions:
Cloud Function is a Functions as a Service Solution, so it's also a hosting service for your API, therefore you won't have to provision, manage, or upgrade servers and the API will automatically scale based on the load. Also this option takes into account the pros of SDKs and client libraries, since your code will have to use it to connect to Firestore anyway.
SDKs and client libraries:
This is the easiest and more optimized way to reach Firestore, however, environments where running a native library is not possible such as IOT devices will be left out of your solution, so consider this while implementing this option.
Cloud Firestore REST API:
Every device properly authorized to access Firestore will be able to do so.
NOTE: For both SDK and REST API you will need to consider hosting of your API, either on Cloud Functions, as mentioned, App Engine Standard, App Engine Flex or a Compute Engine Server Instance.
All that being said, it's up to you and your API's usage and requirements to say which option is best considering the points above.
As per security, I'd say that all option can be secure if firebase rules and firebase auth are set correctly.
I am developing a new application that integrates into Firebase.
My question is whether I should have the application connect directly to Firebase Database? Or should I develop my own custom API using Node.js and have my app connect to those API's? Or is it OK for my app to connect directly to Firebase Database?
The Client SDKs (JavaScript, Android, iOS) are especially made for directly connecting your app to Firebase services (Databases, Cloud Storage, etc.).
You normally combine them with some security rules, either to manage access control or to control the data that is written to the database.
If you have specific needs that cannot be implemented through the Client SDKs (and security rules) you could very well use you own APIs using the Node.js SDK: for example, implementing you own authentication/autorisation mechanism, implementing a complex business logic to verify data that is coming from the client app, or a business logic for transforming data that you don't want to expose in the front-end (aka "Secret sauce"), etc.
Here is an article from Doug Stevenson (Firebaser) comparing Client SDKs and Cloud Functions to write to the database that you should definitely read: using Cloud Functions is similar to implementing your own APIs in Node.js (Same language, environment that you manage).
I am trying to create a REST API for my app using Firebase Cloud Functions. I know how to use Admin SDK in Cloud Functions. It does have API to createUser. My front end app lets users sign in using Google and Facebook but I am not sure how to put it all together.
My app has successfully implemented Sign in with Google and Sign in with Facebook but how and what data do I transfer over to Cloud Functions (or any REST API Server for that matter) so that it could create a user in Firebase with appropriate provider.
Update for more explanation
I am creating an app for iOS and Android with some sort of cloud based backend. Right now I am experimenting with Firebase but I do not intend to tightly couple my apps to Firebase and hence do not want to pull Firebase-iOS and Firebase-Android SDKs into my app code. I want the ability and freedom to switch my backend over to AWS or Azure without changing frontend code.
The one (and only?) way is to create a server that will expose REST API endpoints and do the work on my behalf that usually SDK does. To achieve this, I am using Cloud Functions but that shouldn't matter as long as I have API to talk to actual cloud.
After putting that explanation, now my question is how do I let my users login to app using external providers like Google and Facebook and still achieve what I am trying to do. When I let users sign in with providers, I do not have their password to send to backend to create a new email/password user.
The sample code that best illustrates what you want to do here on GitHub.
It shows how to create an Express app that handles HTTP request pages. Learn more about Express to configure it for wildcards are needed.
It accepts and checks authentication tokens in HTTP requests from Firebase Authentication to validate the end user responsible for the request.