 Good afternoon everybody, today this video is going to talk about Firebase Authentication. So the first of the Firebase services that we will discuss in this class. So what is authentication and does your app need it? Authentication is verifying the identity of a user. So are you who you say you are? Authentication is different from authorization. Authorization says, do you have permission to do a thing? So authentication is, are you who you say you are? And yeah, most apps that you come across need this sort of thing. Most apps that you have used probably require you to sign in in some way. So some examples. If you're a banking app like Wells Fargo or Bank of America. Yeah, you need authentication because you want to make sure that the person on the other end of your app, the person who's using it, is who they say they are because they're accessing some pretty critical information. But there are other cases, you know, banks are the easy example. Yeah, we got to know who's who there. But basically any app where you are associating data with a user or you want to have a notion of a user, you need authentication. Authentication is what's going to let you distinguish users from one another, right? So even if it's not like a really critical, super safe, safety intensive app, you still probably are going to need authentication, right? So Instagram, for example, maybe it's not the most dire of consequences if someone gets access to your account. It's not necessarily the most sensitive thing, but you do want to associate pictures and posts and messages with a person. OK, so if you want to associate with a person, you need to identify that person. And it doesn't have to be, you know, real world identification that you live at an address and you have a phone number. It's just, you know, you need to distinguish between individuals, right? So in the apps that you're creating for this course, you will also need authentication, right? And in general, most apps do have some sort of authentication, but there are some apps that don't need it, like a calculator or voice recorder or a compass app, right? Sometimes you don't care about user data, but anytime you've got users storing data or privacy is an issue or security is an issue, you absolutely need authentication. OK, so Firebase provides authentication as a service to you. And generally, it does it, it has a couple of different options for that. So if we look up here, the easiest one to use is this email and password combination. You build the user interface, you build the activity, but then Firebase provides you with Java libraries to kind of check that the username and password combination exists to check that it's valid, that it's the right combination, or to create a new account if those things aren't in there, right? Firebase also, and this is the simplest one, whoops, excuse me. This is going to be the simplest form, the email and the password. Firebase also provides support for these other types of authentication, which you've no doubt seen before. They're a little more sophisticated to use, but they're available. For your project, for your app, I'm only going to require this one. It's very easy to use. So what happens when you, like, try and say, log in here with an email and a password? Firebase provides you with some Java methods that you will call through their library. So if you try to log in here, what I will do is I will call the sign in user button and it sends the email and password up to the Firebase. This connection is encrypted. It's secure. Firebase will check, hey, is that email in there? And does the password match it? If so, it sends back an authorization token. It comes back to your app, to the user's device, and there it sits. And the user, so your app will remember that, hey, this person with this email is logged in, right? For an unspecified amount of time. I'm not sure how often the authentication tokens expire. I think that's controllable. But now your app will know that it's you. It also sends back the user data, right? So in addition to email and password, there's a user ID and some other data that comes back to your app that may be useful. It will also send back errors, right? So if you try to sign in but you have the wrong password or the email doesn't exist, you get some error data back. And then you have to decide in the user interface how to handle that error. You also have to decide how to handle success, right? Similarly for signing up, right? If you have a username and a password, you can create a new account. And if the email doesn't exist yet and it looks like a valid email address and the password is at least six characters long, it'll make the new account. But for example, if the email is already taken by an account, you'll get an error in that case. So let's take a quick look at how this does look. I've created a simple application. Let me pull up the emulator. I've created a simple application that will demonstrate this functionality for you. The application is available on GitHub, so you can look at the code and feel free to copy and reuse the code in your project. Over here in Android Studio, you can see I've got my Google services.json file from the Firebase configuration video. So I'm all ready to go. I'm ready to talk to Firebase. But I haven't yet enabled the Firebase authentication. So let me try and log in. Okay, so what I should get here, let me shrink the keyboard. I'm going to get a little pop-up error message here if I try and log in. And it says, log in failed. The sign-in provider is disabled for this project. So I need to go into my Firebase project. Here I am at the Firebase console. And I'm going to pick authentication on the left side. I actually already have a user here. Let me get rid of that. So if I click on sign-in method at the top, here's my different options. The one that I care about and that we're going to use in this course is the first option. So let me click the little edit icon and let me enable it. I'm not going to mess with this down here. You can if you want to. Let me enable it. And so now email and password is enabled. Let me go back to my app and let me try and log in again. Now what would we expect to happen? Well, I don't have any users in my app. So when I log in, this should fail. But I should get a different error message down here from last time. Log in failed. There is no user record corresponding to this identifier. That's what we would expect because there's nobody in this project now. There are no users here. Let me go back to my emulator and create new account. OK, so what I have specified my app to do in its activity is if authentication was successful and registering a new user does also log you in, I go to this very plain activity that says, hey, welcome to the person that signed in. I go over to my Firebase console again and click the refresh button. I should see my user. All right, here I am. Here's my identifier. Providers, this is saying that this user uses email and password to log in. When the user was created, when they last signed in. And then here's a unique ID that Firebase generates for every user in your system. This will be useful to us later when we talk about associating data and files with the user in Firebase. I have a couple other options here. I can reset their password, which does so via email. I can disable an account and I can delete an account. What you won't be able to do here is to see or edit a person's password. You can reset their password, but that doesn't give you the ability to configure the password. So all this stuff is done for us. I also have some kind of basic error checking that will happen. So if I type in the wrong password here, I'll get an error message. Password is invalid. If I try and create a new account with this username and password, I will get an error as well. The email address is already in use. And then there's a couple other modes. So let's say I want to create a test account, but it's not a valid email address. Firebase will let me know that as well. And then there's certain restrictions on very simple restrictions. I think it's just a character limit on the password. Password should be at least six characters. So all of these error conditions and success conditions, they are handled automatically for you by Firebase. What you have to do, though, is respond to those errors and successes. So when you look in the code, kind of scroll down here, here's the call that tries to sign in with email and password. I have to create a complete listener, and then I check, was the task successful? If so, what do you want to do? Else, the task failed. What do you want to do? Well, I've created this update UI function. It kind of handles it. And so this is going to do different things. It'll also show the little pop-ups if things happen poorly. So it's up to you, the app developer, to figure out how to handle the case where authentication failed for some reason or succeeded for some reason. There are hooks, there are events that occur in the Java code, but you decide what you want to do when those things happen, okay? So let's go back to the slide and just kind of finish up real quickly. Main takeaways, know what authentication is. It's like verifying the identity of a user. Firebase has multiple modes of authentication. Log in with Facebook, log in with GitHub. But the one we're going to use is to log in with email and password. But before you can do that, you must explicitly enable authentication in your Firebase project, okay? So now is a good time to go do the lab that's assigned. There's a lab titled Firebase Configuration and Authentication Example, and it'll walk through everything that I've done so far. And I encourage you to do it yourself. Just get comfortable with kind of configuring the project and calling the Firebase libraries. And next time, we'll move on to other Firebase services. Thanks.