Firebase Authentication issue

i am also a user of Kodular as same you are, and i am just trying to help others for as i know and i am Thankful to Kodular Team for giving this amazing platform to make apps for everyone. i hope soon you will get what you want…

2 Likes

Then we both are waiting for the Kodular staff to do what they need to do and fix their software. This isn’t a Google issue as they have provided instructions for getting an Android app to work with Firebase. I would check if it’s the absence of the additional code to the Gradle files that’s the problem. Is there a way to open a project in Android Studio, edit the Gradle file, and recompile as an apk to test that theory?

1 Like

Please be aware that there is currently an issue with Firebase Rules and authentication. It doesn’t appear that Firebase recognizes Kodular apps as authorized and any rules other than read/write = “true” seem to get you a permission denied error. They have told me that they are working on it.

1 Like

I m using it from last three days… No issue is there…

What rules are you using?

1 Like

Also, if you are uploading to the play store and use their signature system they will assign a new SHA-1 to the app. you can get that by going to your app on the play store and selecting App Signing under Release Management. That page will give you the SHA-1 you signed your upload with AND the SHA-1 that google used as well.

Hi @Alapjeet you are using secure rules on firebase and have no issues? We saw this with the Kodular staff and they told us they were aware of issues if read/write was not set to TRUE.

May be… But i have never faced any issue that’s why saying this @gopayarg
I m not opposing kodular team… But I am just sharing my experience…

Which is why I asked about your rules.
Are your firebase rules like this?

“.read”: “true”,
“.write”: “true”

If not, then knowing what yours are might help those of us that can’t seem to set rules.

Would you be willing to share with us how you set up the rules?

Thanks!

if you want to move the conversation to my post we can.


So we don’t take over @Jhow_Ws thread.

For authentication you don’t required such rules…
True & True.
@gopayarg & @GaryH

& I only make my data base readable not writeable…

1 Like

So yours is
“.read”: “true”,
“.write”: “false”

I have to write to mine… but if you have it set up as above, you are still in test mode.

Ya but security is must na @GaryH

I’m not sure what you mean by this. Are you not concerned with security? Firebase Authentication isn’t necessary if you leave your database that way because the database itself isn’t checking for authenticated users. The rules to check would read as “.read”: “Auth != null” and that will give you a permission denied error.

Let me simplify for your better understanding…

(1) Read : True;
Write : True;
The above rules is not secure. Why? Because anyone having your Bucket IDs will be able to Write anything in your database.

(2) Read : True;
Write : False;
This means, anyone having bucket id will be able to read data from your database, but would not able to write on it.

(3) Read : False;
Write : False;
Above rule is secure. But in that case, you will not be able to show (in fact call) data.

1 Like

Thanks @asimjib93
I am really confused what actually he asking…

Exactly. Authenticating a user is supposed to allow you to write rules in a way to secure your database, but the only rule that works right now is leaving read or write as “true”.

“auth != null” should only allow an authenticated user to perform that function (whether it’s read or write) and not allow just anyone to read/write to your database. It’s not super secure, but better that leaving the door open for anyone to snoop around and edit your database.

The databases we’re using on AI2 are not exactly made to use in the way we’re currently using it. So yes, you’ve to compromise.

But by providing the Firebase Authentication component it gives the developer a false sense of security regarding their data since it’s not really possible to use that authentication is any meaningful way regarding securing the data.