I want to generate a firebase token with device id with flutter mobile application. With this generated firebase token, I want to do with login function and other process. How can I generate firebase token with device id? Only for generating purpose, not for messaging and other purpose.
...........................
In detailedly, the the procedure I want to do is :
First : get device ID from device
Second : sent to firebase that previous getting device Id and want get back a firebase token to use in my API to login and other purpose. (!!! I asked this state. I am not familiar with firebase.)
Related
For fcm (Firebase Could messaging), We get a token using getToken()
I want to know,
Is the token generate one time
or
Is the token generate every time user login?
The registration token may change when:
The app is restored on a new device
The user uninstalls/reinstall the app
The user clears app data.
More :
Update from Play Store - Token remains same.
When close the application and reopen it - Token remains same.
If you want to call onTokenRefreshed() you should do it manually.
Learn more - https://firebase.google.com/docs/cloud-messaging/android/client
Additionally,
I recommend you should record that token for the user every time your app launches. Then, you don't face any problems.
I want to secure my own custom API for my Flutter app.
I came across Firebase App Check, but I do not want to use Firebase.
Can I use Firebase App Check without a Firebase project? It seems to like there is not Firebase involved. Only other app attestation services. https://firebase.google.com/docs/app-check/flutter/custom-resource
Do I need a Firebase project to use Firebase App Check?
Yes.
It seems to like there is not Firebase involved. Only other app attestation services.
Firebase is not an attestation provider but it uses others providers and it's a bit easier to integrate those providers using Firebase SDK than directly using them. e.g reCAPTCHA v3 for web apps.
Once you integrate the Firebase App Check SDK in your Flutter app, you'll have to get the App Check token using getToken() and add it in your API request. Then you just need to verify the token in your backend using the Firebase Admin SDK.
I have a security issue with Firebase.
I want all users to be able to update their data in a Firebase database from a flutter app but only after some app verification, payment for example. so I don't want them to be able to write data except through the app process and I have no idea how to separate the app user who has the right after verification and the one who doesn't and just knows the address of the database.
To summarize, how can I be sure a request is from the flutter app and only grant access if it's the case ?
I build an application similar to the chat applications, the user signup via the phone number using the Firebase Auth.
How I can create a list of the contacts stored by the user in their phone that is signed up in the application, such as those in the WhatsApp application.
How to fetch the phone contacts is already answered here Fetching contacts in flutter
Now you need think of your own way how you would create a list of those contacts which are also using the app. One option would be to make a query to your database for each phone number of the devices contact list and if its in the database you know this contact is also signed up, so you can add it to your list.
I have a RestAPI which will hit to authenticate the user. This api is to android they hit this api to allow user to login to our app
My requirement is this.1) If user has cell phone say xyz phone with IMEI "xyzz1234". Now if he tries to log in from his 2nd phone than he should not be allowed to login from 2nd phone. He should log out automatically from abc device.
As i am using ionicv1 framework for mobile applications.
You can update the deviceID in your database once the user Sign in on another device.
In your signIN API, validate your deviceID.
For the case of login state saved in your app, you can hit an API at your dashboard on startup which can make the person logout.
This could be one possible approach :)