My usecase is when user logout need to avoid sending notifications (deleteToken user). and when he again loggedin need to send the notifiations (need to generate new device fcm token).
After calling deleteToken method, and calling getToken returns previous one, not newer.
Related
I have a functionality in my app where the users can change their password or update their email address.
According to this document https://firebase.google.com/docs/auth/admin/manage-sessions i would assume that when the same user is logged in on another device at the same time that the refresh token should be revoced when the password changes and the user should be logged out.
It seems that this does not happen in my case. I use these two listeners to detect the changes:
addStateDidChangeListener
addIDTokenDidChangeListener
They are normally working when I login/logout via the Firebase login and logout functions but they don't get called when I change the password on another device.
Is there any way to get notified when a user change the password on another device?
Firebase Authentication uses ID tokens to maintain the authentication state on the client, and these tokens are valid for one hour. Only once the SDK needs to refresh the token (which it automatically does about 5 minutes before the token expires) is it guaranteed to detect the change, so that may take up to an hour.
If you want to force refreshing of the token before it expires, you can call reload on the User object.
I'm trying to get my head around how FCM actually works in Flutter. What's strange to me is that you can call:
FirebaseMessaging.instance.getToken();
and retrieve a token, even before the user has authorised the app for notifications. What's confusing to me is that:
I don't see anywhere where the FCM token is actually being uploaded to my FCM instance.
Once the user has authorised the app for notifications, how is the APNS token that is generated on acceptance actually linked/mapped to the one already in the FCM instance?
Furthermore, I always get the warning:
APNS device token not set before retrieving FCM Token for Sender ID '123412341234'. Notifications to this FCM Token will not be delivered over APNS.Be sure to re-retrieve the FCM token once the APNS device token is set.
But I can't see how to set the APNS token, or re-retrieve the token once the APNS token is set. Notifications are working on a real iOS device, so I don't see why i'm getting this message.
The docs are a little thin on the actual explanation of how FCM is communicating with an app instance in order to stay in sync with it. Can anyone help me understand this a bit better?
After successful authorization on the client, two tokens are saved in cookies, one of them is access the other is refresh, when the access token expires, the client sends a refresh and the server issues two new tokens to the client, the point is, the fact is that if the user logs in from another device, for example, from a phone , then the refresh token on the first device will already be invalid. Refresh token is stored in the database table users, in the table fields: email, password, refresh_token.
That is, when authorizing on another device, the refresh_token field will be updated and on the first device, the refresh token is already invalid in the cookies. How to make it possible to use the refresh token, not only on one device? I saw that I needed to do something with the device identifier, but did not understand, I also did not understand where to get this device identifier. I would be grateful if you describe in detail how to properly organize this process.
I am developing front end UI with Flutter, using Firebase for Authentication and have a custom backend API to processing HTTP Requests to the DB.On the API, I pass the Firebase token and use this to authenticate the user. I know the FB token expires after 1 hour, but I'm looking for the cleanest, best practice way to ensure the user can continue to use the APP without the token expiring.
The current process I am using is to get a new token before every request in flutter:
FirebaseUser fbuser = await FirebaseAuth.instance.currentUser();
String mytoken = await fbuser.getIdToken(refresh: true);
However, this feels like it will unnecessarily slow down any http request. Instead, is there any client side tool /api in Dart that would allow me to verify if the token is expired? Preferably, I'd like to just store the token, and before each call, verify it isn't expired. If it is, refresh, otherwise use the current token.
What is best practice here?
The Firebase SDKs refresh the ID token if it's older than 55 minutes. This gives it a window of 5 minutes to get a new ID token, before the old token expires. As soon as the new ID token is available, the clients start using that new ID token of course.
I'd say that the best practice would be to mimic what the Firebase SDKs do. :)
I am using firebase for chat in my application.
When i use setValue method to write at a node by Using childByAutoId it works fine.
But when my AuthToken expires and I Authenticate the user again with my custom token, the message is saved on Firebase but My .ChildAdded Observer fails to observe this change.
I am using Authenticate Using custom token method for Firebase.