1 Introduction
By default MIT App Inventor uses a default Firebase account provided by MIT (or the operator of an alternative version of MIT App Inventor).
We have preliminary support for people using their own Firebase account, however it is not complete and it is not secure. But it can be done.
We have preliminary support for people using their own Firebase account, however it is not complete and it is not secure. But it can be done.
2 Set the FirebaseURL
When you create your Firebase account, firebase will create a “URL” for you. It will look something like:
https://kicking-donkey-1293.firebaseio.com/
Set this URL as the FirebaseURL property in the App Inventor designer. Normally this field just contains the word “DEFAULT” which tells App Inventor to use the builtin MIT owned default account.
You will notice above the FirebaseURL property there is a “FirebaseToken” property which contains a long string. This is only used for the default account, and can safely be ignored.
Using the Firebase console (at http://firebase.com/) to go the security rules/settings and make sure they are empty (or set to something like {}). This will permit anyone to read or write values in your firebase account (remember: No security!). The only thing that protects your account at this point is the obscurity of your FirebaseURL (you can get a custom URL from firebase, but I recommend against getting a “guessable” URL because at this point its obscurity is your only protection!
https://kicking-donkey-1293.firebaseio.com/
Set this URL as the FirebaseURL property in the App Inventor designer. Normally this field just contains the word “DEFAULT” which tells App Inventor to use the builtin MIT owned default account.
You will notice above the FirebaseURL property there is a “FirebaseToken” property which contains a long string. This is only used for the default account, and can safely be ignored.
Using the Firebase console (at http://firebase.com/) to go the security rules/settings and make sure they are empty (or set to something like {}). This will permit anyone to read or write values in your firebase account (remember: No security!). The only thing that protects your account at this point is the obscurity of your FirebaseURL (you can get a custom URL from firebase, but I recommend against getting a “guessable” URL because at this point its obscurity is your only protection!
3 Test It
At this point you should be able to access your own firebase account both from the Companion and from packaged apps. However!
4 If it doesn’t work…
It may help to understand a little about how Firebase works internally in order to debug what is likely happening.
By default whenever firebase is asked to access a variable, it first tries to do it in an unauthenticated context. If this works, then all is good. However if this doesn’t work (which it won’t with the DEFAULT firebase account) then firebase performs an authentication step which involves the FirebaseToken referenced above. This token is used to establish authentication and access control for the DEFAULT account. Once authenticated, Firebase will try again. If it gets an error once authenticated, it will return an error to the program attempting to access the variable.
There is a bug (in my opinion) in Firebase in that it caches its authentication state, even when a different URL is used (like yours). This is a particular issue with the MIT AI2 Companion App. What happens is that at some point you used the Companion with the DEFAULT account, and Firebase performed authentication against the DEFAULT account. This authentication is then kept, even across termination and restart of the Companion. So when you change the FirebaseURL to use your own account, instead of attempting to access your variables in an unauthenticated (aka not logged in) state, it uses the authentication information that was used with the DEFAULT account. However this authentication is not recognized by your firebase account and an error results.
We have provided a way to get around this. It is a little obscure, but it should work.
1. Connect to the Companion from App Inventor using an App that has a Firebase Component
2. From the blocks editor, drag out the “Unauthenticate” block into the blocks editor.
3. While connected to the Companion, use the “Do It” menu option (right click) on the Unauthenticate block.
This will “unauthenticate” (or logout) from Firebase. You only need to do this once after your change your FirebaseURL to your own account. Things should then work.
By default whenever firebase is asked to access a variable, it first tries to do it in an unauthenticated context. If this works, then all is good. However if this doesn’t work (which it won’t with the DEFAULT firebase account) then firebase performs an authentication step which involves the FirebaseToken referenced above. This token is used to establish authentication and access control for the DEFAULT account. Once authenticated, Firebase will try again. If it gets an error once authenticated, it will return an error to the program attempting to access the variable.
There is a bug (in my opinion) in Firebase in that it caches its authentication state, even when a different URL is used (like yours). This is a particular issue with the MIT AI2 Companion App. What happens is that at some point you used the Companion with the DEFAULT account, and Firebase performed authentication against the DEFAULT account. This authentication is then kept, even across termination and restart of the Companion. So when you change the FirebaseURL to use your own account, instead of attempting to access your variables in an unauthenticated (aka not logged in) state, it uses the authentication information that was used with the DEFAULT account. However this authentication is not recognized by your firebase account and an error results.
We have provided a way to get around this. It is a little obscure, but it should work.
1. Connect to the Companion from App Inventor using an App that has a Firebase Component
2. From the blocks editor, drag out the “Unauthenticate” block into the blocks editor.
3. While connected to the Companion, use the “Do It” menu option (right click) on the Unauthenticate block.
댓글 없음:
댓글 쓰기