I was wondering if it is possible to export firebase data (perhaps as a JSON object) in frequent "cycles". The main reason I'm asking this is because I would like to capture the data at specific points of time in order to perform a range of analytics upon them / identify specific patterns. I'm interested in any operations / methods that are part of the Firebase API - maybe some kind of web hook, or other workarounds that would enable me to do this!
Any suggestions would be greatly appreciated as I could not find anything on the web / docs (maybe I've over read it?).
Firebase has a full-featured REST API, so the simplest thing to do is just poll the REST API on a regular basis. REST API docs are here: https://www.firebase.com/docs/rest-api-quickstart.html
You can also get full access to your Firebase data using the Node.js client. This allows you to attach callbacks to your data and act on changes immediately when they occur from your own server: https://www.firebase.com/docs/nodejs-quickstart.html
Firebase now provides private backup option. For more information checkout private backup for Firebase data.
You can export firebase data in Json object, just make a curl request like below:
curl 'https://MyBase.firebaseio.com/MyPoint.json?auth=MyAuth&print=pretty'
in linux terminal and you get all your child structure
Related
I'm wondering if there is some sort of API I can call that lets me pass testers to either add or remove?
I want to call the same code as what happens when you upload a CSV (see here).. but with less CSV and more Restful HTTP API (or equivalent).
I could spend some time reverse engineering what happens (and believe me, I have been trying to), but alas I have had no eureka moment yet.
Thanks!
If I find an answer before someone else does, I'll be sure to post back here.
Firebase App Distribution now has a REST API that includes endpoints to add and remove testers. Check out the reference documentation for the complete list of available endpoints.
I have a Firebase (Firestore) project on which, to my surprise, I just reached the free limit of 50k daily reads only while testing simple regular pages of my app.
I tried to find a way to log how much calls are done for each of my app's pages, or by function... I didn't find how to.
Is there a simple way to get this data clarified? I absolutely need to find what calls are causing this before sending anything to production.
There is no breakdown within the Cloud Firestore console or Stack Driver on the source of read operations. If you need something like that, the best I can think of is to log additional information from your clients.
I've looked at a few places, Including this post and the firebase panel
Is there no way to use these api's to secure these endpoints using an api key you create per client who uses your cloud functions?
I'm able to block every one putting a restriction on the Browser key, but I would like to create a new api key, and use that as a way to authenticate my endpoint for various clients.
Creating a new api key, and using that as a parameter in my query doesn't work (don't now if I'm doing anything wrong)
Is there a way to do this?
Option 1: handle authentication within the function
https://github.com/firebase/functions-samples/tree/master/authorized-https-endpoint
Adapt above to use clients/keys stored in firestore
Option 2: Use an an API Gateway
Google Cloud Endpoints (no direct support for functions yet, need to implement a proxy)
Apigee (higher cost, perhaps more than you need)
Azure API Management (lower entry cost + easy to implement as a facade for services hosted outside Azure)
there are more..
The above gateways are probably best for your use case in that the first two would let you keep everything within Google, albeit with more complexity/cost -- hopefully Endpoints will get support for functions soon. Azure would mean having part of your architecture outside Google, but looks like an easy way to achieve what your after (api key per client for your google cloud / firebase functions)
Here's a good walkthrough of implementing Azure API Management:
https://koukia.ca/a-microservices-implementation-journey-part-4-9c19a16385e9
Not to achieve what you are after, as far as firebase and GCP is concerned your clients is your specific business problem.
One way you could tackle this (with the little information that is provided);
You need somewhere to store a list of clients + their API key (I would use firestore)
For the endpoints you want to secure with a client-specific API key you can include a check to confirm the header exists and also exists in your firestore client record.
Considerations:
Depending on your expected traffic loads and the the number of firestore reads you'll be adding, you might want to double check this kind of solution will work for your budget.
Is the API-key type solution the only option you must go for? You Could probably get pretty far using the https://github.com/firebase/firebaseui-web and doing user checks in your function with no extra DB read required. If you go down this path most of the user signup/ emails / account creation logic is ready to go.
https://firebase.google.com/docs/auth/web/password-auth#before_you_begin
Curious to see what some other firebase users suggest.
Is it possible to get data from Healthkit the same way as you would query regular API (With user's consent) to store in my webapp?
Something like: healthkit.com/api/v1/user/GetWeight
If yes, where can I find a list of available methods?
If not, are there any workarounds?
You'll have to build:
your own REST API service to store and retrieve the desired data;
an iOS app that accesses the data on-device using the HealthKit SDK and POSTs it to your API.
Neither step is trivial. Good luck!
An alternative may be to install Google Fit on the iPhone, which would connect to healthkit and sync that data to the cloud, which can then be queried via Fit's REST API https://developers.google.com/fit/rest/
If it's a REST/json API you want it's not available and i guess it never will be.
HealthKit is just a standard API available in the IOS8 SDK accessible from application running on a iDevice and written in objective-c/swift.
Not sure if this question is still relevant for someone, but now you have the option to use shortcuts to gather the desired health data and post it to your own api, also you may use automation in order to make it all happen without any hustle.
Background: This is my first standalone web development project, and my only experience in Meteor is building the Discover Meteor app over the last summer. I come from about a year of CS experience as a side interest in school, and I am most comfortable with C and C++. I have experience in python and java.
Project so far: I'm creating a calendar management system (for fun). Using accounts-google, I have created user accounts that are authenticated through google. I have requested the necessary permissions that I need for my app, including 'identity' and 'calendar read/write access'. I've spent the last week or so trying to get over this next hurdle, which is actually getting data from google.
Goal: I'd like to be able to make an API call to Calendar.list using a GET request. I've already called meteor add http to add the GET request functionality, my issue comes with the actual implementation.
Problem: I have registered my app on the developer console and set up Accounts using the client ID and secret, but I have not been able to find/generate my 'API key' for use in the request. Here is the google guide for creating the access token by using my (already) downloaded private key. I'm having a hard time wrapping my head around an implementation on the server side using JS because I don't have a lot of experience with what is mentioned in the HTTP/REST portion of the implementation examples. I would appreciate some help on how to implement a handshake and receive an access token for use in my app. If there is a call I can make or some package that will handle the token generation for me, that would be even better than implementation help. I believe an answer to this would also benefit this other question
The SO answer that I've been referring to so far: https://stackoverflow.com/a/14543159/4259653 Some of it is in spanish but it's pretty understandable code. He has an API key for his request, which I asked this question to help me with. The accounts-google documentation isn't really enough to explain this all to me.
Also an unrelated small question: What is the easiest way to deal with 'time' parameters in requests. I'm assuming JS has some sort of built-in functionality that I'm just not aware of yet.
Thanks for your research. I have also asked a very similar question, and right now I am looking into the package you recommend. I have considered this meteor-google-api package, but it looks abandoned.
Regarding your question about time manipulation, I recommend MomentJS. There are many packages out there; I am using meteor add mrt:moment
EDIT: MomentJS now has an official package for Meteor, so use meteor add momentjs:moment instead of the mrt command above
Below is a snippet of what moment can do. More documentation here.
var startTimeUTC = moment.utc(event.startTime, "YYYY-MM-DD HH:mm:ss").format();
//Changes above formatting to "2014-09-08T08:02:17-05:00" (ISO 8601)
//which is acceptable time format for Google API
So I started trying to implement all of this myself on the server side, but was wary of a lot of the hard-coding I was doing and assumptions I was making to fill gaps. My security prof. used to say "never implement encryption yourself", so I decided to take another gander for a helpful package. Revising search criteria to "JWT", I found jagi's meteor-google-oauth-jwt on Atmosphere. The readme is comprehensive and provides everything I need. Following the process used in The Google OAuth Guide, an authorization request can be made and a key generated for making an API call.
Link to Atmosphere: https://atmospherejs.com/jagi/google-oauth-jwt
Link to Repo: https://github.com/jagi/meteor-google-oauth-jwt/
I will update this answer with any additional roadblocks I hit in the Google API process and how I solved them:
Recently, I've been running into problems with the API request result. I get an empty calendarlist back from the API call. I suspect this is becuase I make an API call to my developer account rather than to the subject user. I will investigate the problem and either create a new question or update this solution with the fix I find.
Fix: Wasn't including the 'sub' qualifier to the JWT token. Fixed by modifying JWT package token generation code to include delegationEmail: user.services.google.email after scope. I don't know why he used such a long designation for the option instead of sub: as it is in the google API, but I appreciate his package nontheless.
I'm quickly becoming proficient in this, so if people have meteor-related google auth questions, let me know.
DO NOT USE SERVICE ACCOUNTS AS POSTED ABOVE!
The correct approach is to use standard web access + requesting offline access. The documentation on the api page specifically states this:
Typically, an application uses a service account when the application uses Google APIs to work with its own data rather than a user's data.
The only exception to this is when you are using google apps domain accounts and want to delegate access to your service account for the entire domain:
Authorizing a service account to access data on behalf of users in a domain is sometimes referred to as "delegating domain-wide authority"
This makes logical sense as a user must be allowed to "authorise" your application.
Back to the posters original question the flow is simple:
1) Meteor accounts google package already does most of the work for you to get tokens. You can include the scope for offline access required.
2) if you are building your own flow, you will go through the stock standard process and calls as explained on auth
This will require you to:
1) HTTP call to make the original request or you can piggyback off some of the internal meteor calls : Package.oauth.OAuth.showPopup() -- go look at the source there are more nifty functions around there.
2) Then you need to create an Iron router server side route to accept the oauth response which will contain a code parameter that you will use to exchange for tokens.
3) Next use this code to make a final call to exchange the "code" for the token + refresh_token
4) Store these where ever you want - my requirement was to store them not at the user level but multiple per user
5) Use a package like GoogleAPI this wraps up Google API calls and refreshes when required - it only works when tokens are stored in user accounts so you will need to rip it apart a bit if your tokens are stored somewhere else (like in my case)