Im trying to use firebase cloud messaging to enable push notifications on my PWA.
but i can't figure out how to save tokens after the 'user' click on 'accept' on the push notification subscription message.
Should i save token to a firebase database? or there is a automatic system to subscribe/unsubscribe/ clean the list of tokens.
Did you mean registration tokens? If so, please check out this doc which has comprehensive information about how to manage registration tokens.
Related
We are using Firebase on our project and we want only users who recieved an email invitation to be able to access register page and create a profile afterwards.
Can you do that using firebase?
There is nothing built into Firebase Authentication to allow only users you've invited to sign up. When the email+password provider is enabled, anyone can call the API and register.
What you can do though is have a list of the invited email addresses in an online database somewhere (such as Firebase's Realtime Database of Firestore) and check against that list whether a user is authorized after they have signed in.
For an example of how to limit access to the database to specific users, have a look at:
for Realtime Database: How do I lock down Firebase Database to any user from a specific (email) domain?
for Firestore: Restrict Firestore gmail sign in to specific domain
I wonder if it is possible to retrieve a user details only using it's UID, I want it because I want to show my users their list of friends, I have checked the documentation on Firebase Auth., It seems to be only supported in 'admin' section. Should I save my user data in the database instead of Auth. or Is there a way to do it without using Firebase Auth. in my server ? I am running a web application and using Javascript to manipulate data.
There is no API to list or query Firebase Auth accounts directly from a web or mobile app. That would be a security problem, and that's why it's limited to admin/backend access only via the Firebase Admin SDK.
If you do want anyone to be able to find other user accounts, you will need to store that user data in your database, or provide a backend API endpoint that it can access.
I am trying to use a 6 digit code to log-in a user.
The code is available for 20 seconds and is unique to every user.
Briefly explained:
User is already logged in on a mobile app
User press the button "Get Unique Code"
Then, user enter the code on a WebPage on his PC
If the code is correct, show data for that user
What am I asking is if there is way to properly authenticate the user who introduces that code correctly given that I have the userID and all the informations about the user?
I can try and "fake log-in" (display all the information for that user when the code is correct) but there are some issues with this and I would like to avoid it.
I am using Firebase Authentication and Firebase Firestore. JavaScript is used for Web.
You can implement any authentication scheme you want by creating a custom provider for Firebase Authentication.
See Authenticate with Firebase in JavaScript Using a Custom Authentication System and Creating Custom Tokens with the Admin SDK.
In this flow you:
Sign in the users yourself.
Create a custom token for those users in a trusted environment, such as a server you control, or Cloud Functions.
Pass that custom token to Firebase Authentication, which can then use it to identify the user, and secure access to Firestore, Storage, and Realtime Database.
Angular web app (not a native app)
I have my logic working to generate and save FCM tokens.
And I can send a send a message to one token using curl in the terminal.
I have been reviewing MANY tutorials and all I have seen send messages to one token at a time.
Is it possible to send a message to all the tokens you have saved in your Firebase Realtime Database?
Do I need to use (or build) some other tool to do this?
Thre is no built-in mechanism in Firebase Cloud Messaging to send a message to "all tokens".
Instead you can call the FCM legacy API to send a message to a collection of up to 1000 tokens at a time. The key is to use the registration_ids parameter (instead of the to parameter for a single token), as AL explains here: FCM (Firebase Cloud Messaging) Send to multiple devices and here: FCM: Message to multiple registration ids limit?, and as shown in the documentation for the legacy API.
I have an android app that uses firebase to handle and send push notifications. When an user logs-in, it is automatically subscribed to a topic in firebase and saved the token in my database.
If after logging into the app, the users uninstall the app, their token is still in firebase, subscribed to the topic. If firebase call sendToTopic("topic"), probably will fails due this invalid token.
There is any way to get notified about those invalid tokens? I need those tokens to unsubscribe it from the topic and remove it from my database.