Android Question How does authentication android work?

[Eme Fibonacci]

How does authentication android work?

After this:

Sub Auth_SignedIn (User As FirebaseUser)
   Log("SignedIn: " & User.DisplayName)
   lblName.Text = "Hello: " & User.DisplayName
End Sub

The entire app is authenticated? authentication by session?

The server is Responsible for checking if app is authenticated? B4J can do it? oAuth2 is the way?

I have a lot to learn.

Thank you for explanations.

 

[Erel]

There is no server involved (other than Google servers).

The entire app is authenticated? authentication by session?
The server is Responsible for checking if app is authenticated? B4J can do it? oAuth2 is the way?

No. No. No. No. No.

Authenticating a user means that your app knows who is the user. It knows his name and email address.
Whether this information is important or not depend on your requirements.

 

[Eme Fibonacci]

There is no server involved (other than Google servers).


No. No. No. No. No.

Authenticating a user means that your app knows who is the user. It knows his name and email address.
Whether this information is important or not depend on your requirements.

Ok, many "no". This means that really have a lot to learn.

To begin to understand:

consider this:

Activity 1 authenticates.
Activity 2 insert some data in some online database.

How to prevent someone decompile the app and skip Activity 1 and use the insert methods on Activity 2 without having to go through authentication?

Thank you.

 

[Erel]

This is not the main use case for FirebaseAuth.

It is however possible to use it for such system. Each user is assigned a unique Uid. You can see these uids in the Firebase console and you can access them with Firebase.Uid property.

You can pass this id in each of the requests. On your server maintain a list of allowed ids and reject requests from non-authorozied users.