Flutter - Understanding Firebase Admin and how to get a user's information from email/uid/name

Question

I'm making a little Snapchat clone, and a part of this app I'm trying to build is the ability to add a friend and start a conversation with them. I'm using Firebase to manage my users and I'm a little stuck now trying to figure out what works and why I'm getting problems trying to use some methods or functions.

What I want is this simple line of code to work:

var userByEmail = await _admin.app().auth().getUserByEmail("b@gmail.com");
print(userByEmail.toString());

However this has been giving my some problems, most recently, the following error message:

Unhandled Exception: FirebaseAuthError(auth/invalid-credential): Must initialize app with a cert credential or set your Firebase project ID as the GOOGLE_CLOUD_PROJECT environment variable to call verifyIdToken().

Getting to this point made me want to first ask a question about FirebaseAdmin and Auth before continuing and potentially screwing up my app settings.

Is there a simple way to do what I'm trying to do?

I have a Firebase.instance.initializeApp() in my Main function, do I only ever call that once or should I start initilizeApp in the initState of each Stateful Widget where needed?

What does this error message actually mean?

Answer 1

You are trying to use the Firebase Admin SDK in your Flutter code, which is not possible. The Admin SDKs give full administrative access to your Firebase project, which would be a serious security concern if you allow that in your Flutter app.

If you want to allow certain administrative functionality in your application, you will have to make that functionality available yourself. For example, to look up a user by their email address, there are two common approaches:

1. Store the minimal information about each user in a cloud-accessible database (such as Firebase's Realtime Database or Cloud Firestore) when each user registers with your app, and then look it up from there.
2. Wrap the getUserByEmail from the Admin SDK in a custom API that you make for yourself, on a server you control or in Cloud Functions. In that API you validate that the user making the call is authorized to do so, then call Firebase through the API you were trying to use, and return the minimal result back to the caller.

Both of these are feasible and can work to solve a variety of use-cases. But if you've never built backend code before, you might find the first approach easier to get started with.

Also see:

• How to get Firebase UID knowing email user?
• Flutter get User Data from Firebase

Answer 2

The right way to do what you want is using Firebase auth , authenticating your user and using a collection to store and retrieve users information. That auth information provided by firebase should only be used for authentication and security purposes.

The Firebase admin must have a user logged in to work properly, but its purpose is to provide a more administration environment and should not be used inside a clients app, unless its an admin app.

With all that said, lets go for the rescue:

1. Authenticate your user (using firebase auth);
2. After auth, save all the user information you want to share with other user inside its own collection (you will need to create one);
3. When an authenticated user (this is important) 'request any other users data, you query for the data in the previous created collection.