I would like to synchronize the users that I allow to register from stripe connect with Google Firebase Auth and the firestore database.
At the moment I've just created my stripe account and I have set up all things in Google Firebase, also a stripe extension that creates customers if the client registers as the user, but it isn't what I want.
It would be great if the user can register through the stripe connect link and sync then with firebase auth and firestore.
Does anyone have a solution for this?
Related
I am building a mobile app with Flutter and Flask Backend. For authentication, we allow username/password and google oath2 but will delegate to Firebase for credential validation.
So users credentials are stored on Firebase project but problem is we have a seperate Database with account table (we use a firebase_uuid field in account table to map to user on firebase project)
I am not sure of the registration flow since we need to handle both databases
For user/password registation, should Flutter app or Backend communicate to Firebase to create account?
I think backend should do it since after creating account on Firebase, we also need to create account on our own DB?
If we let flutter send request to Firebase directly to create account, what would be the correct flow so that my backend can also save user info in our BE database?
For google oath2 registration, similarly, if we were to do it on Flutter, what would be the flow to populate in our BE database?
Similarly, what is the flow in case of login and changing user's password?
Its pretty simple if we do not have Backend at all and just use firebase as backend but other operations required a seperate BE service
I want only people whom I register or with specified email should be able to use google sign in, rest are not allow to sign in.
example:- I run a institution and I have separate id for my fellow students and I want them to only be able to sign in using that id and otherwise they should not be allowed to use any other Id(email to be more precise).
in my flutter application using firebase-> google_sign_in.
hope I am clear!
bro add some g mails in your firestore those people you want they can access my app if this emails exist in your db then they can google signin otherwise show toast your account is not regirsted by admin
try{
FirbaseFirestore.instance.collection("alloweduser).doc().where("emial",isequalto:123#gmail.com).then(){
Goolglesinin()
{
google signcode
}
}.catch(e)
{
showToast("ask admin to app permission")
}
You are talking about authentication vs. authorization.
Authentication: Since google is your authentication provider... anyone with a valid google account is authenticated.
Authorization: Who has access to what parts of the application?
You need to implement an authorization system / flow to determine if an authenticated user has access to the app. By default... all users will have NO ACCESS.
How you implement authorization - depends on your backend and how you store user data. If you are using firebase, something like this will help: https://firebase.google.com/docs/firestore/solutions/role-based-access
I am trying to add users information like email, name etc. to Firestore DB but after email successful verification. How can I do it..?
Thanks
you should implement Firebase authentication to your app.
the flow should be something like this:
on firebase console go under authentication tab and enable email authentication
in your app request user to register/login with firebase authentication by email
after succesfull authentication your user can now write on firebase db
done
now you have to create a new user in the users "table" with a reference to the authentication user id (not mandatory but nice)
I learn Firestore and have beginner question.
If I have a web site that connect to Google Firestore Cloud datastore and the website is pulling documents from the Cloud datastore like name: value json struktur.
Is then the website a "user" or I mean do the website need to sign in even it has apikey?
I read Get started with Cloud Firestore Security Rules and can only see settings that need a signed in user!
I want a website to pull this name: value from Cloud datastore that all I want?
Here is the rules:
service cloud.firestore {
match /databases/{database}/documents {
match /<some_path>/ {
allow read, write: if request.auth != null;;
}
}
}
looks like I must make some Auth for a user not a website?
Please advice!
The answer is that one must be signed in to be able to secure Firestore databas and if a website dont want to force users to sign in the website can sign in(under the hood)
anonymous and if the user decide to sign in later the anonymous account then with the help of linkWithCredential transformeds to the users own account like Google or Facebook sign in.
You can use Firebase Authentication to create and use temporary
anonymous accounts to authenticate with Firebase. These temporary
anonymous accounts can be used to allow users who haven't yet signed
up to your app to work with data protected by security rules. If an
anonymous user decides to sign up to your app, you can link their
sign-in credentials to the anonymous account so that they can continue
to work with their protected data in future sessions.
Authenticate with Firebase Anonymously Using JavaScript
With your security rules, a user that accesses Cloud Firestore directly from the client-side code using one of the Firebase SDKs, will have to be signed in to Firebase Authentication. This applies no matter whether the client is a native mobile app, or a web site.
If you have server-side code that accesses the same Firestore database using either one of its Admin SDKs or its REST API passing administrative credentials, that code actually bypasses these security rules - so is not bound by its requirement to be signed into Firebase Authentication.
So if you render the web site server-side and read from the database in that same server-side code, there is no need for the client-side user/code to be signed in to Firebase Authentication. But if the client-side code is directly accessing Firestore using one of its SDKs or its RET API, the user will need to be signed into Firebase Authentication.
I'd like to create this simple model:
user registers and Firebase stores email & password
user pays with PayPal to access protected content
Firebase gets notified by PayPal the user has paid & logs this
paying user logs in with his credentials & Firebase authorizes access to the protected content; non-paying users are denied access
What is the bare minimum amount of functionality needed to leverage Firebase's backend and make this work?
Depends on your exact requirements (ie, are 5 or 15 minute delays acceptable) but you can get started super quickly using Zapier
https://zapier.com/zapbook/firebase/paypal/
You would setup the zap using your secret firebase and paypal keys, setting the zap to update a property on the user's profile (be sure to use Firebase security rules to limit write access to that property) which says they have paid.