Firebase on Android: User Email Authentication and Verification

Firebase is an emerging technology that targets mobile development. This course features the Firebase Authentication tool where you'll learn to integrate the cloud-based user management system.
Course info
Rating
(36)
Level
Intermediate
Updated
Oct 11, 2017
Duration
1h 13m
Table of contents
Description
Course info
Rating
(36)
Level
Intermediate
Updated
Oct 11, 2017
Duration
1h 13m
Description

The Firebase Authentication tool is arguably the most useful of the Firebase tools because you find a use for it in almost every application you build. In this course, Firebase on Android: User Email Authentication and Verification, you'll learn foundational knowledge that will give you the ability to seamlessly integrate a cloud-based user management system into your Android applications. First, you will learn how to register new users, send verification emails and sign-in existing users. Next, you'll learn how to restrict app-access to only users who have been authenticated. Finally, you'll learn how to manage user account properties like display name, profile image, and email address. When you're finished this course, you will have the skills and knowledge of Firebase Authentication needed to build a user management system for your Android applications.

About the author
About the author

Mitch's passion is teaching. He believes the current education system is outdated and you shouldn't have to spend your life savings to learn about the tech industry.

More from the author
Android Threads: Getting Started
Intermediate
2h 19m
Nov 15, 2018
Firebase on Android: Cloud Firestore
Intermediate
2h 14m
May 16, 2018
More courses by Mitch Tabian
Section Introduction Transcripts
Section Introduction Transcripts

Course Overview
Hello everyone, my name is Mitch Tabian, and welcome to my course, Firebase on Android: User Email Authentication and Verification. I'm a self-employed Android developer and I'm here to teach you about an incredible new technology called Firebase. Firebase focuses on making life simple for developers. How do they make your life simple? They have a number of cloud-based, server-less, developer tools that are almost all free to get started with. In this course we're going to get some hands-on experience with my favorite developer tool, user email authentication. Some of the major topics that we'll cover include, new user registration. The app will contain a registration screen where users can enter their email and a password. The email and password will be saved on the Firebase servers. Verifying emails. Users will have to verify their email before they can sign into the app. After they register, a link will be sent to their email, once they click it, they'll be verified. Signing with email and password. Users will be able to enter their credentials on the login screen. If they've registered and verified their email they'll be able to sign in. Restricting app access to only authenticated users. Users that don't have a registered, verified email won't be able to authenticate. And if you can't authenticate then you won't be able to gain access to the application. By the end of the course you'll be able to seamlessly integrate Firebase email authentication into your existing Android projects, or you can start new projects without having to worry about constructing a cumbersome user-management system. There's no server needed and no database needed. Before beginning the course you should be familiar with Android Studio, but I'm going to guide you through everything, so if you're fairly new you should be okay. I hope you'll join me no this journey to learn about Firebase with the User Email Authentication and Verification course at Pluralsight.

Implementing User Registration
In this one, we're going to cover everything to do with the registration and sign-in process for your app. For the duration of the module I'll be referring to the source code files in the directory module_3\start\TabianConsulting. I encourage you to use my source code as I've included resources for drawables, colors, strings, and styles. If you don't use my source code you will probably have a hard time following along. Note that if you use my source code you need to change the package name to match the Firebase project's package name and also add the google-services. json file from your Firebase console. Do not use my google-services. json file, it will not work, it won't allow Firebase to properly identify your application. In this module we're going to talk about the required authentication dependencies, the registration screen, and all methods involved it the registration process. By the end of the module you'll be able to register a new user from your Android application, whose information will be stored on the Firebase servers. We're then going to test a sign in with the credentials you registered a user with. Before we look at the code I want to talk a little bit more about the Firebase documentation. Firebase has really great documentation. I can only think of a few cases when I found it difficult to follow, or maybe when it could have used a little more information. But overall, it gets a thumbs up from me. Getting to the documentation is simple, here's three different ways you could get there. Number one, search Google for Firebase documentation. Number two, go to firebase. google. com, and then just select Docs. Or you can just go straight to firebase. google. com/docs. Either way, once you're at the docs we can click on the Get started for Android text right here. Here's where you can find anything related to Firebase and Android. I just wanted to make sure I pointed out the documentation, because, out there in the real-world jungle of software development I won't be able to help, you'll need to be resourceful and help yourself. The documentation is always the best place to start. Now let's move onto the next section and add the required dependencies.

Verifying a Registered User by Email
In this module we'll be covering everything related to the process of verifying a newly-registered email. I'll be referring to the source code files in the directory module_4\start\TabianConsulting. When registering a new user it's important to verify their identity. For example, in this application only users with an email address from the domain tabian. ca are able to register. But, what's stopping from someone with registering with say, [email protected] ca and then logging in immediately? Do you see what I mean? There's currently nothing confirming the person who registered with [email protected] ca is the same as the person who has access to the email [email protected] ca. In this situation, implementing something like email verification would solve this problem. Here's how it'll work. Upon registration an email will get sent from the Firebase server to the email address provided by the user. To flag the user's account as verified they'll have to click a link the email they receive. Once the link it clicked, the account will be verified, and they'll be able to log in. If they don't click the link they will not be able to login. In this module, we'll be building a method for sending verification emails to newly-registered users, and we're also going to add a check when users attempt to login. The check will contain some simple logic that confirms users have verified their email address. In the next section we'll get started building that method for sending the verification emails.

Using the Authentication State to Maintain Security
In this module we're going to be covering how to use the authentication state to maintain security and allow or deny users access to your application. I'll be referring to the source code files in the directory Module_5\start\TabianConsulting. Once again, I want to remind you that if you're using my source code, which I expect most likely you are, make sure to add your google-services. json file to the project and change the package to match your package. To start off, I have a question for you. Why do we bother doing all the work related to authentication? Generally it takes a lot of time and what do we really get out of it? Does that sound like a strange question? Let me explain. Wouldn't it be easier if we had system where anyone could log in and use the application? That way you wouldn't have to spend a bunch of time verifying identities and constantly checking if users are authenticated. the answer is, of course it would, but then how would we protect sensitive information? One of the main underlying reasons for implementing an authentication system is security. In this section we're going to go over how to manipulate the authentication state and give or deny users access to our application.

Managing User Account Properties
In this module we're going to talk about some of the methods Firebase provides for managing user account properties. I'll be referring to the source code files in the directory Module_6\start\TabianConsulting. Most mobile applications offer some kind of user account personalization. Take Instagram for example, you can customize your display name, description, profile picture, website, the list literally goes on and on. Firebase offers some minor account personalization methods that developers can take advantage of to make things easier and save time. Here's how it works. The FirebaseUser object that we've been looking at throughout the course has getter and setter methods for getting and setting the user's personalized properties. The methods we're going to be looking at are getDisplayName, setDisplayName, getPhotoUrl, and setPhotoUri. Before you get excited, no, that's not a typo. The setter method for the photo is setPhotoUri, despite what the getter method being getPhotoUrl. We'll talk about that later. As their names imply, their methods are responsible for getting and setting the display name and profile URL of a particular user. You can think of them as a username and a profile image. At this point you might be thinking, saving a display name and a profile URL is great, but what if the user wants to change their email they registered with? And on the same vein, what about changing or resetting a password. It turns out changing a registered email is more involved than simply calling a method like, set email, and changing a password is no different. As an additional layer of security, Firebase requires re-authentication when changing a user's email or password. They require users to enter and submit their authentication credentials within a short timeframe before a change can be made. The timeframe is roughly 5 min, but I'm not 100% certain of that number. I've tested it up to 5 min, so I know for sure within 5 min you can make a change. In this module we'll take a look at changing a user's account properties, re-authenticating, altering a registered email, and resetting a password.