Is the Phone Verification API just a wrapper around TOTP to simplify the process, or are they meant for entirely different use cases?
Authy developer evangelist here.
The Phone Verification API is useful for one off verifications by SMS or a phone call. Great if all you need to do is make sure your user owns the phone number they have entered. You can read my write up of how to implement phone verification in Rails if you want to see more.
The TOTP API returns an Authy ID that you can then save and use to send verification codes to your user as part of the 2FA flow. When you then send the verification code to a user, Authy works out whether they have the Authy app or not and sends either a push notification or an SMS.
It's basically the same technology, however the TOTP case is a bit more complicated and intended for repeated uses.
I also wrote up how to implement TOTP 2FA with Authy and Rails if you want to see details on that.
Does that help at all?
Related
Is it possible, I can receive a verification code from an external app/website page using my twilio free number... as a trial account user.
I haven't tried the process either, I'm believing I could be able to verify a telegram account, having received the verification code using my twilio free number
I've incorporated Firebase Cloud Messaging into my app. After messing around, I kind of understood the premise of how it operates. So, as a result, I structured my code so that when users sign up the FCM token is stored. After creating two accounts, I realise both FCM tokens for the user were the same.
Looked online and sorted this issue, and now I can refresh the token on launch, and still append the new FCM token when users initially sign up.
So now, I ask the question - Users are created with a fcmToken field (which I can refer to in my code), however, due to the fact a new token is generated on launch each time does this render the token(s) stored for each user useless? Or can I still push to the specific user using the fcmToken?
I've looked online, but can't seem to find an answer.
FCM tokens don't uniquely identify an individual end user. They identify a specific installation of an app on a specific device. When sending with that token, it doesn't matter who is signed in to the app (or if anyone is signed in at all) - the app will still receive it and need to figure out what to do with it. It's up to you to decide what to do with that message, given the sign-in state of the user. If you expect that your app could have multiple users sharing a single app on a single device, then you will probably want to send something in the payload to determine who that message was intended for, if necessary.
#doug great answer, but there's a common implementation problem when people share a device, so please add a warning, something like: often only the last logged in user should receive push notifications, otherwise he could see messages from the person who was logged in before. your backend should not only store all the devices a user is logged in, but also for each device who the last active user is and check this upon sending a push. the question whether you receive push or not when logged out is a common topic, too.
I'm trying to send a verification email without having a firebaseUser, is it possible ?
I know i can do it with user.sendEmailVerification() method but can i do it just by giving an email from a textfield ?
Based on what I knew and what I've read from the documentation, it looks like it's not possible to do this. A Firebase user, a.k.a an user authenticated within Firebase platform is required if you want to send email verification that uses Firebase Email Vetification service.
Well, do not lose hope since there are plenty workarounds to do this. What I would do to achieve this is to use Firebase Cloud Functions to create serverless API platform. I connect Firebase Cloud Functions with Firebase Admin SDK (which also has access to other Firebase services if I am not mistaken).
I send an email using some kind of email service providers such as SendGrid to designated email address (which the app got from user's inputted email) and provide a link to verify there (in the e-mail that sent to designated email address). Then, in the cloud functions, you leverage Firebase Admin SDK to change verification status.
This approach is flexible though, as it can be used to verify a user not only with Firebase Authentication.
Hope it helps. If it's not clear for you, just comment.
Happy coding.
EDIT: After thoroughly read your question again, I realized that my answer is not fully correct. Somehow you still need a specific user to be added within Firebase Authentication database, which you would not want to do manually and let your app do so instead. Perhaps you can use Firebase Admin SDK in this matter. You can read official Firebase documentation for more information regarding Admin SDK.
I'm building an app for an online course, but I like to take their skeleton and make it better to add to my portfolio, adding features. They're teaching Firebase in this section and building a chat app... When I see their video they use "1#2.com" as their email, which doesn't seem like a real email, so I tried it in mine, and I noticed that Firebase is allowing me to use a random assortment of whatever, so an obviously not real email "ajflkdsajffadjslfj123412djflakjdf#hotmail.com" to register. I've skimmed through the firebase docs and didn't see anything that says how to check if the email is actually an email.
Technically that could be a valid mail, so there is nothing Firebase can do to check every mails if they are valid or not. What you could do though is to send an email verification to the user and if they verify their account then they can use your application.
Email Verification in Firebase Auth documentation for that can be found here.
I have developed an android application with the Parse push notification service and I can send notification from the Parse website.
How can I send push notifications through my own website using ASP.net? Is there any way?
I checked the Parse documentation but i get confused, I would really appreciate it if someone would help me.
Thanks
I ran into similar confusion. I wasn't even sure how to properly setup the user so that I could send a push notification directly to them. Then I found the following post:
Channels and Targeted Push Notifications
Note the last item under the Channels heading:
Most apps might find it useful to have a channel for each user so that
they can send messages to a user across all their devices and have
users follow others in the app.
So, now I know that I should subscribe each user to a channel that uniquely identifies the user (e.g., the 'bobsmith#foo.org' channel).
After I have subscribed the user to their channel, I can call Parse's REST API via my ASP.NET application. See Sending Pushes in the Parse REST API Developers Guide.
For an ASP.NET/C# example of how to submit a push notification check out this answer.