I have the FCM token, and token refreshed when user is using the application.
I want to send push notifications to users who have not logged into the app recently.
As the FCM token expires, how do I implement Firebase Messaging, and get the user FCM token when the app is not opened for days?
The token doesn't expire, it may change in the following cases.
The app is restored on a new device
The user uninstalls/reinstall the app
The user clears app data.
To handle these cases the application should retrieve the current token at initial startup and send it to the server.
See Best practices for more information.
Related
await FirebaseMessaging.instance.getToken();
I used this code to get token
but apparently this code just give me the token of the device,
For example, if i uses many accounts in my app, i'll get the same token for every accounts.
But if i use another device, i'll get different token.
A firebase messaging token is tied to an installed App on a device, not to a particular user.
See:
Firebase Cloud Messaging Auth Tokens vs Registration Token
What is the proper way to capture device registration tokens in order to send notifications via Firebase Cloud Messages?
The FCM token is generated based on the app , its bundle id and device thats why its unique for each devices for same app.
Flutter firebaseMessaging Token is device specific.If you want to change your token then you can reinstall the app.
If you want token based on user then you can use TokenRefresh method.
The token is generated per the client app instance.
On initial startup of your app, the FCM SDK generates a registration token for the client app instance.
See Best practices for FCM registration token management for details.
Only one user at the time is logged in on the app instance. Delete the token when a user logs out and then you get a new token when a new user logs in.
I am using https://rnfirebase.io/ for react native application. I am successfully able to log in the user using Facebook Login.
My question is, once I have logged in the user using facebook, and then I am deleting the app from my facebook profile that gave permissions to firebase, the firebase is still authenticating me.
So, in this way, I will always be authenticated until I signout? Is this correct? or should I request for fresh Access Tokens ?
Here is the code I am using to check if the user is logged in
_bootStrap = () => {
let route = Home;
firebase.auth().onAuthStateChanged(user => {
saveDataInAsyncStorage('userLoginInfo', user);
this._navigate(route, result);
});
}
Once your client app get a valid ID token from Firebase Authentication, it remains valid for one hour after it was issued, even if you do something to disable the user. The user will be able to use that token to gain access to resources in Firebase until it expires. At that point, the client SDK will attempt to refresh the token. If the account is disabled in some way, the refresh will fail, the the previous token will no longer have the access it once had.
So, you will have to wait at least an hour for that user to be rejected by things like Firebase security rules and Firebase Admin token validation.
I am developing a Flutter application and I am using OAuth2 for authentication. The application can't be used if you are not logged in, it just shows a login screen and forces you to log in.
When I log in, I receive the following information from the authentication server:
access token
access token lifetime
refresh token
refresh token lifetime
When the access token is about to expire, I want to get a new one by sending refresh token to authentication server.
How would I implement the refresh token mechanism? I want to update the access token every time before it expires, even if user is not using the application (it is closed). If user needed to log in every time he opens the application, it would be very bad user experience. To avoid this, I want to refresh the token in background.
How can I achieve this to work on Android and iOS? Preferably without writing any native code for each of the platforms.
You can use Future.delayed to refresh the token before the expiration.
You can also run this part of code in background with background processes but your application must be in background.
swift firebase auth user write into database expired, but it still shows user logged in. According to this question of stackflow, it is saying that the token that allows the user to access the Firebase back-end. This token is based on the previous token, is valid for an hour, and is automatically created and refreshed by the Firebase SDKs.
Is it possible to keep the token that allows the user to access the Firebase back-end for 2 weeks or longer?
If an mobile user have authorized the app for facebook via Single Sign On, is there a way the permissions can be used on the server side for offline access?
Scenario:
user uses the mobile app
user authenticates via SSO
app needs to use the user's permission on the server to check for certain updates
app pings the user via notifications if updates received
Can this be done?
You need to authorize at the app and obtain the Facebook token. Then you can send this token to your server and use it there without problems. You should ask for the offline_access permission if you want this token not to expire in a few hours.