Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Firebase Storage getDownloadUrl's token validity

Tags:

I have a question regarding the "token" in the url(&token=) when using getDownloadUrl of FirebaseStorage.

https://firebasestorage.googleapis.com/v0/b/someapplication.appspot.com/o/images%2Fsample.png?alt=media&token=123456

From docs, it says that it returns a "long lived" download url https://firebase.google.com/docs/reference/js/firebase.storage.Reference#getDownloadURL

Problem is, im saving the downloadUrl in FirebaseDatabase like

-chatroom   - c1     - m1       -message: "Sent a photo"       -photoUrl: downloadUrl here

From what i understand it is not a lifetime token so at some point in time the token will not be valid. So when I display this url in an ImageView for example, it will not load the image.

Picasso.with(context)   .load(downloadUrl)   .into(imageView)

I do understand I can use something like this in firebase to generate a new one. 

StorageReference sr = getReferenceFromUrl(downloadUrl) //pseudo-code sr.getDownloadUrl().addOnSuccessListener((Uri newUri) => {   Picasso.with(context)   .load(newUri)   .into(imageView) });

BUT! this process has an overhead of always getting a new download url in the process.

So again, how long will the token lived? Also if it is not a lifetime token, how should we store the download url properly?

like image 561
bumblebeen Avatar asked Mar 04 '17 06:03

bumblebeen

People also ask

Do Firebase storage tokens expire?

The Firebase Storage token does not expire (see Stack Overflow). Therefore, without any other modifications, our downloadUrl also never expires and remains available.

What is access token in Firebase storage?

A Firebase download URL is a long-lived, publicly accessible URL that is used to access a file from Cloud Storage. The download URL contains a download token which acts as a security measure to restrict access only to those who possess the token.

How do I enable CORS in Firebase storage?

CORS Configuration To download data directly in the browser, you must configure your Cloud Storage bucket for cross-origin access (CORS). This can be done with the gsutil command line tool, which you can install from here. Run gsutil cors set cors. json gs://<your-cloud-storage-bucket> to deploy these restrictions.

1 Answers

Firebase Storage tokens do not expire.

They may be revoked from the Firebase Console, which would invalidate URLs based on them.

like image 185
Frank van Puffelen Avatar answered Sep 30 '22 07:09

Frank van Puffelen
Sign in to Comment

Related questions

ASP.NET Core Middleware Passing Parameters to Controllers
linux difference between "sudo crontab -e" and just "crontab -e"
TypeScript type ignore case
Access nested children in xml file parsed with ElementTree
how to return response of axios in return
CSS Cursor pointer with SVG image
iOS 11 UISearchBar in UINavigationBar
What does the term "backpressure" mean in Rxjava?
Where are Entity Framework Core conventions?
What does :host /deep/ selector mean?
Does Rust have an equivalent of C's typedef?
Time zone issue involving date fns format()

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!