Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is it possible to only accept function calls from my app in Firebase?

Tags:

firebase

unity3d

google-cloud-firestore

google-cloud-functions

I am creating a game in Unity where the user can contribute with levels using a Level Creator system.

My application is setup in a way that I just need to call the Cloud Function with the level info, and it handles duplicate entries and saves it to Firestore. All of this works perfectly.

My question, basically, is: can I have my functions only accept calls from my game? (without having my users registered?).

Naturally, I am using functions.https.onCall((data, context) => {}). In the documentation for Firebase, I noticed they use context.auth to check whether the user is authenticated or not. However, I am logging this value to the console and it appears to be undefined.

I am also confused with this line, from the same link:

With callables, Firebase Authentication and FCM tokens, when available, are automatically included in requests.

Maybe context.auth is not defined because my game isn't yet in Google Play / Apple Store? Any ideas?

like image 418
Santiago Degetau Avatar asked Feb 12 '20 15:02

Santiago Degetau

People also ask

What does Firebase deploy -- only Functions do?

Running firebase deploy --only functions deletes the existing functions before creating new ones.

What is the difference between onCall http callable and onRequest HTTP request Functions?

onRequest creates a standard API endpoint, and you'll use whatever methods your client-side code normally uses to make. HTTP requests to interact with them. onCall creates a callable. Once you get used to them, onCall is less effort to write, but you don't have all the flexibility you might be used to.

How many requests can handle a single cloud function?

By default each Cloud Run container instance can receive up to 80 requests at the same time; you can increase this to a maximum of 1000.

When should I use Firebase Functions?

You should use Cloud Functions for Firebase if you're a developer building a mobile app or mobile web app. Firebase gives mobile developers access to a complete range of fully managed mobile-centric services including analytics, authentication and Realtime Database.

1 Answers

Thanks to the new feature called Firebase App Check, it is now actually possible to limit calls to Callable Cloud Functions to only those coming from iOS, Android and Web apps that are registered in your Firebase project.

You'll typically want to combine this with the user authentication based security that Doug describes in his answer, so that you have another shield against abusive users that do use your app.

like image 149
Frank van Puffelen Avatar answered Sep 28 '22 14:09

Frank van Puffelen
Sign in to Comment

Related questions

How to query Firebase for keys that match a string prefix
Is there a way to make Firebase hosting non-case-sensitive?
Firebase rule that needs to check for value in array (contains() in security rules)
How does Firebase crash reporting initialize
Firebase : Filters on Cohorts
Authenticate with signInWithCredential()
What is the maximum limit of users for single topic subscription in Firebase?
Firebase Hosting Usage Stats - what does "Storage" stand for?
Angular Material Multiple Select Options with Object
How do I manually view an authenticated user's display name in Firebase?
Node Mailer Error
Popup shows up and then it closes instantly
Delete a document from subcollection in Firestore with node.js
Is it possible to set storage rules using firestore of Firebase?
Migrating Firebase users to AWS Cognito
Android/FireStore QuerySnapshot convert to CustomObject
Firebase Firestore. "Cost" onSnapshot
Using TextField inside a Streambuilder
What recent change to Firestore makes it complain about "Overlapping recursive wildcard match statement"?
Firebase UI auth sign in error api exception

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!