Android Question How does authentication android work?

There is no server involved (other than Google servers).

Eme Fibonacci said:

The entire app is authenticated? authentication by session?
The server is Responsible for checking if app is authenticated? B4J can do it? oAuth2 is the way?

Click to expand...

No. No. No. No. No.

Authenticating a user means that your app knows who is the user. It knows his name and email address.
Whether this information is important or not depend on your requirements.

Erel said:

There is no server involved (other than Google servers).


No. No. No. No. No.

Authenticating a user means that your app knows who is the user. It knows his name and email address.
Whether this information is important or not depend on your requirements.

Click to expand...

Ok, many "no". This means that really have a lot to learn.

To begin to understand:

consider this:

Activity 1 authenticates.
Activity 2 insert some data in some online database.

How to prevent someone decompile the app and skip Activity 1 and use the insert methods on Activity 2 without having to go through authentication?

Thank you.

This is not the main use case for FirebaseAuth.

It is however possible to use it for such system. Each user is assigned a unique Uid. You can see these uids in the Firebase console and you can access them with Firebase.Uid property.

You can pass this id in each of the requests. On your server maintain a list of allowed ids and reject requests from non-authorozied users.