await FirebaseMessaging.instance.getToken();
I used this code to get token
but apparently this code just give me the token of the device,
For example, if i uses many accounts in my app, i'll get the same token for every accounts.
But if i use another device, i'll get different token.
A firebase messaging token is tied to an installed App on a device, not to a particular user.
See:
Firebase Cloud Messaging Auth Tokens vs Registration Token
What is the proper way to capture device registration tokens in order to send notifications via Firebase Cloud Messages?
The FCM token is generated based on the app , its bundle id and device thats why its unique for each devices for same app.
Flutter firebaseMessaging Token is device specific.If you want to change your token then you can reinstall the app.
If you want token based on user then you can use TokenRefresh method.
The token is generated per the client app instance.
On initial startup of your app, the FCM SDK generates a registration token for the client app instance.
See Best practices for FCM registration token management for details.
Only one user at the time is logged in on the app instance. Delete the token when a user logs out and then you get a new token when a new user logs in.
Related
Is there a way to share anonymous user sessions with Firebase Auth?
What I would like to is to get the current id token:
final idToken = FirebaseAuth.instance.currentUser!.getIdToken();
Then, use this idToken to authenticate the same anonymous user in a different app.
FirebaseAuth.instance.signInWithToken(idToken);
With signInWithCustomToken() method, you can use a custom auth token to sign in a user on different website. As documented here
Firebase gives you complete control over authentication by allowing
you to authenticate users or devices using secure JSON Web Tokens
(JWTs). You generate these tokens on your server, pass them back to a
client device, and then use them to authenticate via the
signInWithCustomToken() method.
You can create a custom token with the Firebase Admin SDK, or you can
use a third-party JWT library if your server is written in a language
which Firebase does not natively support.
The Firebase Admin SDK has a built-in method for creating custom
tokens. At a minimum, you need to provide a uid, which can be any
string but should uniquely identify the user or device you are
authenticating. These tokens expire after one hour.
After you create a custom token, you should send it to your client
app. The client app authenticates with the custom token by calling
signInWithCustomToken()
Also check out these links for more information and examples:
Authenticate with Firebase Using a Custom Authentication System
Firebase auth - login user from app in website
How to use the same firebase anonymous user in a flutter app
We are managing the user's Google calendar using google calendar APIs in the server. So we are getting the user's Google access token using the flutter google_sign_in library.
_googleSignIn.signIn().then((result) {
result!.authentication.then((googleKey) {
print(googleKey.accessToken);
print(googleKey.idToken);
})
})
It returns accessToken and idToken. But this access token will expire in 1 hour. We need this access token in our server to manage the user's calendar.
So we need a refresh token to get a new access token once it expires.
But there is no solution found to get a refresh token from the google_sign_in library.
Related discussions
(1) There is one approach to silent login every time the user is opening the application, but it is not feasible in our use case. Because we will have some scheduled calendar action in the server and we cannot expect the user to open the app every hour.
(2) This google doc Using OAuth 2.0 to Access Google APIs mentions that by using a refresh token we can get a new access token. But from the flutter app, we could not find any ways to get a refresh token.
(3) Some GitHub issues like this have some discussions, but nothing seems to be useful in getting the refresh token from a flutter app.
So it will be great If someone suggests a way to get a refresh token from a flutter app or any other possible workarounds for this situation.
I have the FCM token, and token refreshed when user is using the application.
I want to send push notifications to users who have not logged into the app recently.
As the FCM token expires, how do I implement Firebase Messaging, and get the user FCM token when the app is not opened for days?
The token doesn't expire, it may change in the following cases.
The app is restored on a new device
The user uninstalls/reinstall the app
The user clears app data.
To handle these cases the application should retrieve the current token at initial startup and send it to the server.
See Best practices for more information.
I am using https://rnfirebase.io/ for react native application. I am successfully able to log in the user using Facebook Login.
My question is, once I have logged in the user using facebook, and then I am deleting the app from my facebook profile that gave permissions to firebase, the firebase is still authenticating me.
So, in this way, I will always be authenticated until I signout? Is this correct? or should I request for fresh Access Tokens ?
Here is the code I am using to check if the user is logged in
_bootStrap = () => {
let route = Home;
firebase.auth().onAuthStateChanged(user => {
saveDataInAsyncStorage('userLoginInfo', user);
this._navigate(route, result);
});
}
Once your client app get a valid ID token from Firebase Authentication, it remains valid for one hour after it was issued, even if you do something to disable the user. The user will be able to use that token to gain access to resources in Firebase until it expires. At that point, the client SDK will attempt to refresh the token. If the account is disabled in some way, the refresh will fail, the the previous token will no longer have the access it once had.
So, you will have to wait at least an hour for that user to be rejected by things like Firebase security rules and Firebase Admin token validation.
I am completely new to Flutter/Dart so pardon my lack of knowledge.
I am trying to set up a login page in my app. I would like to use Firebase Auth as it supports a wide range of authentication options. However, I want to start with Facebook for which I am using the following different dart plugin
https://pub.dev/packages/flutter_facebook_login
I don't think the official flutter plugin for Firebase auth does not support Facebook login yet. My plan is to somehow combine the two to get the following
Use the flutter_facebook_login plugin to perform the login using facebook and get facebook access token
Pass the facebook access token to Firebase Auth to register a user from a custom token
However, when I pass FB access token to Firebase Auth, I get an error that the access token is malformed. Has anyone done this before?
I want to use Firebase Auth to persist the user's login session as long as possible and when the access token runs out use the refresh token to get a new access token. This will essentially mean that once the user logs in using Facebook, they will be permanently logged into my app.