My question is if I'm using firebase and I also need to do backend stuff, i.e. send an email to the user, register the user in my database. Then I will also need firebase's admin service account set up to verify the user. Now, can I use my own server to run admin service account or does firebase/Google force me to use Google's app engine?
The Firebase Admin SDK can be run on any server that can run the code.
For example, the Admin SDK for Node.js is just a regular node module. This means it can be run on any node environment: your own server, on App Engine Flex/GCE/GKE/etc, or on the serverless Cloud Functions for Firebase. All work equally fine.
Related
I'm developing a reactJS app that will run in browser. I want to make request from that app to services deployed in Google Cloud Run and Google Cloud Functions, both with authentication enabled, but I don't know how to authenticate requests.
I have a Service Account credentials with permissions to invoke those services but I cannot use default credentials due to reactJS environment variables names and I cannot use the NodeJS Google Cloud SDK.
How can I authenticate request to Cloud Functions/Cloud Run from reactJS apps outside of Google Cloud?
You have to use client side authentication mechanism. Firebase Auth works very well, and you have the Google Cloud version name Google Identity Platform.
EDIT 1
If your user aren't authenticated, you can't use authentication services. You should want to limit the access, the cost, the abuse of your Cloud Functions and Cloud Run services. For that, you need to use an API Gateway, such as Google Cloud API Gateway, or a more entreprise grade with APIGee.
You can also use a HTTPS Load Balancer in front of Cloud Functions or Cloud Run and activate Cloud Armor to prevent attacks on your service (but it's not a rate limit).
I am currently working on a react application, and have a database of customer information. I want to turn that information into accounts, and was wondering if Firebase will work for this? I don't want to have to store passwords, or deal with accounts, so I just want current customers to be able to log in with google / facebook. Will Firebase be able to link into my current PostgreSQL db, or how would that work?
There are NPM modules for this that I have been looking into, however I was wondering if Firebase is a better option for this. Also, what would the limitations of a free Firebase account be?
Firebase Authentication has no built-in connection to PostgreSQL.
But if you have a trusted environment where you can run code (like your development machine, a server you control, or Cloud Functions for Firebase), you can use the Firebase Admin SDK to verify the token from Firebase Authentication. For more on this approach, see the Firebase documentation on verifying ID tokens.
When employing the Remote API for Java for accessing another application's GAE datastore (as suggested here), do I have to use an admin password (as shown in sample code) or can I use service account credentials instead. Calls to the Remote API should originate in an App Engine Client, so non-password authentication seems to be the (only) sensible choice.
Of course you can! It's as simple as that: RemoteApiOptions.useServiceAccountCredential
PS: You'll have to create a service account and download the key first. You have to grant the "AppEngine Admin"-role to the service account.
Applications that run inside the Google App Engine can use Google Accounts for user authentication. I already used this feature and it works great. I just want to know how this is working. Is there a HTTP cookie created? How can an application inside the GAE see that a user is logged in?
The AppEngine SDK takes care of the details for you, but essentially it generates the equivalent of an OAuth request to the Google Account service. All interactions with the login process go through the Google Account service (and thus the cookies it uses for session tracking are not available to the individual app).
Discovered a problem with connecting all together - Facebook, GWT and App Engine.
I need to authenticate user on my web site hosted on App Engine (Java) that uses GWT. After authentication, some information should be passed to server from facebook - like profile information, user list, etc.
Currently am trying to use facebook4gwt and authentication works fine, and I can obtain all needed information on client side, but can not transfer facebook session to server, particularly, obtain Facebook cookies for session verification.
Could anyone suggest any good solution for this? Probably, it would make sense to get rid of facebook4gwt and do everything on server side.
I have been using the gwt-facebook library for one year to authenticate users of my application on App Engine. When a user is already logged into Facebook, and has already authorized my application, I can automatically get the access_token in GWT and send it to the server which can then do the hard work (data syncing) with facebook-java-api library.