I have an AngularJS app with no server code. I created a form in which I'd like to be able to type a message and send as a push notification to all Firebase users using our mobile app. I've looked at Firebase Cloud Messaging and services such as OneSignal, however, both strongly advise against sending push notifications via client for security reasons.
Has anyone been able do something like this? Any suggestions are appreciated. I'm not attached to any method besides the ones that work well and securely.
Thank you.
Related
I am developing my first React Native app and are struggling with the proper implementation of push notifications and real time chat. The attached image shows the current layout without chat/notifications.
The client application uses Firebase only for social network authentication (login) and image storage.
Everything else is kept back-end using PHP/MySQL which also communicates with Firebase for session token validation and email authentication (login).
Now i want to implement a real-time chat function and push notifications but are struggling with the proper way of doing it. If i have understood correctly one way could be: Socket.io (for real-time chat using mysql for archive storage) and Onesignal (for push notifications)
Or is there a better way of doing this when using a PHP/MySQL as back-end?
Any ideas or input is greatly appriciated.
I have taken a look around the internet and all the solutions emphasize using Express and Node Js API in place to able to send an email. I would love to see any suggestions on how to best go about it because I don't have a backend in place. Thank you.
You're going to need some sort of backend otherwise the API-Key will be exposed.
From the SendGrid documentation:
When you have a browser-only application that reaches out to APIs, the API key has to be embedded in the application. Anyone with access to a browser-only application can access all of the Javascript source code, including your API keys.
Making your API key publicly accessible could result in anyone authenticating API calls with your API key — this is a significant security concern both for you and SendGrid.
You could use a serverless AWS lambda function or google function which would be a "backend" but without having to support the infrastructure / use a big framework.
I am developing a React app that needs to be connected to a backend server so that the user can login using Google OAuth, and then once that access token is granted, they are able to see the rest of the app. However, I am having a difficult time understanding just how to connect the front-end app to the backend. If someone could enlighten me on this, using SpringBoot MVC and PostgreSQL, that would be great. Thanks!
You have several ways to communicate your FE(React) and your BE(SpringBoot MVC).
You can have REST endpoint on your Backend, and then try to communicate from your react application, you can use [axios][1], request or the native fetch.
Then you can just make calls to the BE, and try to read, update, delete or create information, you should read about CRUD.
The most common this days is build something like this:
(FE) <---> (BE) <---> (DB)
But I strongly recommend you to read more about:
- React SPA.
- REST, you can also read about SOAP or even GraphQL.
- CRUD.
You will found a lot of tutorials with very good examples of how to do it.
Hope this helps you to understand a little more what approach to use.
I'm currently developing a ReactJS & Firebase app, but I'm facing the following problem:
As all the code is run in the client side, how can I connect to the payment API without exposing my private token?
I was thinking on creating a Google Cloud Function that could handle this requests. I think this functions should manage maybe a sign in to get the token, and later request the payments. Should this work?
Right now Google Cloud Functions isn't free to make requests out of a Google app. Does someone know how could I avoid the $25/month?
Another alternative I was thinking on was creating a Rails API on Heroku to manage only this requests, but I'm not sure if I'm not exposing the tokens by managing the logic on the front side. (Because the front end would have to talk to Firebase and this new API)
Security is a must.
Thanks!
I'm trying to build a login system with a phone authentication system.
Does anyone of you have experience with this? I'm using fire base as a backend, and twilio for sending sms. So i need to send sms with a pin. i'm developing this app using (ionic + firebase + twilio)
Thanks
Twilio developer evangelist here.
In order to send SMS messages using Twilio you're going to need your own server so that you can make the API requests to the Twilio API. I checked through Firebase and there is nowhere for you to run your own code on there, which is a shame, though it does supply static site hosting these days, which is nice.
I recommend you take a look through the Twilio tutorials which will give you a good idea how to build an application that can perform the API requests for you. I might start by checking out:
SMS notifications in Node.js
Phone authentication using Authy in Node.js
(Authy is the best way of verifying and authenticating phone numbers and is part of Twilio now.)
Let me know if this helps at all.