Is there a way to keep all the data local, and sync it online with firebase when the user decide to login in to the app?
I know about the offline capabilities of firebase, but I don't think they are meant for this use case.
Typically you'd use an anonymous login for that situation. The data will be synchronized with the Firebase server in that case, but the user doesn't have to sign in yet. For more information, see the documentation on anonymous auth.
Related
I'm making a little Snapchat clone, and a part of this app I'm trying to build is the ability to add a friend and start a conversation with them. I'm using Firebase to manage my users and I'm a little stuck now trying to figure out what works and why I'm getting problems trying to use some methods or functions.
What I want is this simple line of code to work:
var userByEmail = await _admin.app().auth().getUserByEmail("b#gmail.com");
print(userByEmail.toString());
However this has been giving my some problems, most recently, the following error message:
Unhandled Exception: FirebaseAuthError(auth/invalid-credential): Must initialize app with a cert credential or set your Firebase project ID as the GOOGLE_CLOUD_PROJECT environment variable to call verifyIdToken().
Getting to this point made me want to first ask a question about FirebaseAdmin and Auth before continuing and potentially screwing up my app settings.
Is there a simple way to do what I'm trying to do?
I have a Firebase.instance.initializeApp() in my Main function, do I only ever call that once or should I start initilizeApp in the initState of each Stateful Widget where needed?
What does this error message actually mean?
You are trying to use the Firebase Admin SDK in your Flutter code, which is not possible. The Admin SDKs give full administrative access to your Firebase project, which would be a serious security concern if you allow that in your Flutter app.
If you want to allow certain administrative functionality in your application, you will have to make that functionality available yourself. For example, to look up a user by their email address, there are two common approaches:
Store the minimal information about each user in a cloud-accessible database (such as Firebase's Realtime Database or Cloud Firestore) when each user registers with your app, and then look it up from there.
Wrap the getUserByEmail from the Admin SDK in a custom API that you make for yourself, on a server you control or in Cloud Functions. In that API you validate that the user making the call is authorized to do so, then call Firebase through the API you were trying to use, and return the minimal result back to the caller.
Both of these are feasible and can work to solve a variety of use-cases. But if you've never built backend code before, you might find the first approach easier to get started with.
Also see:
How to get Firebase UID knowing email user?
Flutter get User Data from Firebase
The right way to do what you want is using Firebase auth, authenticating your user and using a collection to store and retrieve users information. That auth information provided by firebase should only be used for authentication and security purposes.
The Firebase admin must have a user logged in to work properly, but its purpose is to provide a more administration environment and should not be used inside a clients app, unless its an admin app.
With all that said, lets go for the rescue:
Authenticate your user (using firebase auth);
After auth, save all the user information you want to share with other user inside its own collection (you will need to create one);
When an authenticated user (this is important) 'request any other users data, you query for the data in the previous created collection.
I want to get User Data from firebase, I need the diplayName of a User. is there any way to get the displayName of a other user with his uid?
There is no way to look up information about another user in Firebase Authentication by using the client-side SDKs of Firebase, as that would be a security risk.
There are two common ways to allow searching the users in a secure way:
Write information about each user to a database (such as Cloud Firestore or the Realtime Database) when they register, and then search the database when needed. That way your code controls what data gets written and thus is searchable.
Firebase has Admin SDKs that run in trusted environments, such as your development machine, a server you control, or Cloud Functions. These SDKs have options to list users, which means you can search them. If you wrap one of the Admin SDKs in a custom API that you build and secure yourself, you can then call that from your Flutter code.
Also see:
React native firebase authentication searching
You can't get the name, or any other details of a user that is not currently signed in using FirebaseAuth.
Instead, you must create a node in your database where you store the name, and any other necessary details by querying the database.
I want to develop an Ionic app for android and ios using firebase backend.
Requirement:
1. I want to use anonymous authentication silently so that user does not have to be worry about login.
2. I just want to display list of some items on the home page using Firestore api.
Question/Problem:
1. How does firebase will get to know that only the my app using the firestore get api.
2. If I am storing api credentials/secrets in my android app and if other user somehow knows these credentials, will that person be able to use api on behalf of my credentials and I will not be able to track the usage.
Top Level:
If someone know my firebase api credentials/secrets, will that person be able to utilize my firebase quota in case I am using firebase anonymous authentication.
Thanks in advance.
The settings you use to initialize the Firebase SDK are not "secrets". It's all very much public information that identifies your app from all the other Firebase apps out there. Every Firebase app has a similar set of public data. Once you publish your app, you should assume that everyone is able to see that data.
This means that anyone can use that data. That's why it's important to use Firebase Authentication along with security rules to make sure that people logged in can only make use of whatever resources you specify. That's the only way to lock down the data in your Firebase project. If you are concerned about security, then you should be thinking about your security rules from the very beginning.
I'm starting with Firebase, and basically, i just want to store data in Firebase, and user from my app will only do a read only. From what i read so far, it seems that firebase only works with authentication, and i've read about anonymous authentication. But i don't see the advantage of being authenticated anonymously, since basically the user will never be upgraded to "permanent" user.
All i want is the user use my app (and only through my app) to get data without needing to authenticate.
What is the best way to achieve this ? Do i create a username and password, and use this for everyone in my app ?
Do i stay with anonymous authentication ? Since i will at first use the Firebase Spark Free, and it says that only 100 simultaneous connection for realtime database, do each creation of anonymous authentication will be considered as opening a connection all the time, thus limited my app to 100 connection/user only ? Is there a limitation for Spark Free in terms of anonymous connection ?
Thank you
You can use Firebase without authentication. Some of the Youtube tutorials on the official Firebase channel even go as far as to show you how to disable authentication on the Firebase Database and Storage. Only disable read authentication for production purposes.
Storage Rules.
Database Rules.
I need to allow my app to fetch general information available in the Database but without making the information accessible elsewhere. In other words, allowing only my app to access some data.
As far as I know, Anonymous login is not an option for me because at a later stage I am login using email and password.
Basically, I am looking for an alternative to Firebase Secret, in order to allow my app to access the data, but not make that data publicly available by making it .read": "true".
In Firebase 2.x the way to do this was using Firebase Secret, but do not know how to achieve the same access without officially login in.
There is a similar question here, but it asks whether or not it is possible rather than alternatives.
Although the Secrets are deprecated now, you can find it under Project settings -> Service accounts -> Database Secrets.
Instead of the Secret, you should use the Firebase Admin in your project.