Hi, I want to use firebase authentication with my app using the API of the backend that is made in PHPM2019 ? is this possible to use ? what should be done in order to be able to query the api in a secure way ? or if there is an easy way to integrate Firebase web authentication with the PHPmaker app ?
thanks
This is a little more involved than I can walk you through in this post. But to start the conversation, I assume you have your PHPMaker app location setup in Firebase?
The users Firebase that will be accessing your PHPMaker app will need to be connected to a user account in your PHPMaker project database so PNPMaker can assign the correct security levels.
The code you will need to to "wedge in" will be the login verification just before the credentials are passed to you PHPMaker app for processing.
I will also assume at this point that if the user is not in the Firebase users list then it will alert the user that they do not have a valid account. Otherwise Firebase will pass back the username and password as valid and you can then continue with credential validation process in PHPMaker.
If you take a look at the http : hybridauth .github .io (external URLS not allowed in this forum) code that permits Google and Facebook plugin you will see how it's done. Firebase authentication is basically the same thing.
If the user logging in is not a current user do you want to allow signup?
Best, K
Thanks for your feedback.
My approach is since Firebase Authentication permits a lot of auth options (email, sms, facebook, google, github, twitter) I will like to build a mobile web app for my app using this, and then connecting to PHPM via the api, so for example an approach would be to create a new user in phpm when a new user signs up in Firebase, but then if firebase user in the html5 / js app is logged in be able to pass this to the api to get the proper records of the user.
Firebase is very efficient in detecting if user is logged or not and can control the permissions, so i know i could have inside my app a generic user / pass that would get the JWT token from PHPM19 but this wont work to take advantage of phpm use security (filter of records)
maybe I am complicating this, that is why I am posting my idea to get some feedback
regards