Firebase Cloud Messaging设备组泄漏 [英] Firebase Cloud Messaging device groups leak
问题描述
我将开发一个使用设备组功能的应用程序.据我了解,我需要先将方法onTokenRefresh中的Android客户端上获得的当前注册令牌发送到服务器,然后通过HTTP请求将此注册令牌添加到适当的设备组(如果不存在,则创建它).但是,我看到了泄漏注册令牌的可能性,例如Android应用程序用户可能会多次擦除应用程序的数据.怎么预防呢?超过20个成员的限制会怎样?可以检查某个组是否已经存在吗?
I'm going to develop an app that uses device groups feature. As I understand I need to first send current registration token I get on Android client in method onTokenRefresh to the server and then add this registration token to proper device group (or create it if it doesn't exist) via HTTP request. I see, however, a potential for leaking registration tokens, as Android app user may for example wipe app's data multiple times. How to prevent it? What happens when a limit of 20 members is exceeded? And is it possible to check whether some group already exists or not?
推荐答案
我目前正在做一些成功的事情,但是还没有完全测试或扩展.
I am currently doing the following with some success but not fully tested or scaled yet.
App使用Firebase作为后端,我正在添加FCM来实现推送通知.
App uses firebase as the backend and I am adding FCM to implement push notifications.
当用户可能位于不同的设备或多个设备上时,我需要组来处理.
I need groups to handle when a user could be on different devices or several devices.
我使用配置文件存储每个设备的返回的notification_key值和registration_id(令牌),即
I store the returned notification_key value and the registration_id (token) for each device with the profile i.e
profiles
-profile_id
-FCM
-notification_key:value
-registration_ids
-device_1_uuid:token_for_device_1
-device_2_uuid:token_for_device_2
用户首次登录时,FCM节点下没有数据,即没有notification_key和registration_ids
When a user first signs on there is no data under the FCM node i.e. no notification_key and no registration_ids
每次用户登录时,他们都会挂接到他们的profile_id.
Each time a user signs in they hook up to their profile_id.
我得到FCM令牌,然后
I get the FCM token and then
如果没有Notification_key(即在任何设备上第一次),我使用profile_id作为notification_key_name来创建组,并存储返回的Notification_key.
If there is no notification_key (i.e. first time on any device) I create the group using the profile_id as the notification_key_name and store the notification_key that comes back.
如果有一个notification_key(在新设备上返回登录或首次登录),我会查看当前设备是否存在一个registration_id,否则(在新设备上首次登录)则添加device_uuid :token对与registration_ids.
If there is a notification_key (return sign-in or first sign-in on a new device) I see if there is a registration_id for the current device and if not (first sign-in on new device), add the device_uuid:token pair to the registration_ids.
如果有(返回登录),我从FCM组中删除存储的令牌,并用刚得到的令牌替换存储的registration_ids中的旧令牌.
If there is (return sign-on) I remove the stored token from the FCM group and replace the old token in my stored registration_ids with the token I just got.
现在,我可以通过发送该用户(配置文件)使用的所有设备的个人资料,向他们的profile_id发送消息,而且我不应该泄漏令牌,因为我删除了旧设备.
I can now message all of the devices used by that user (profile) by sending to their profile_id, and I shouldn't be leaking tokens because I delete the old ones.
但是,我没有办法知道,因为似乎没有API可以读取组和令牌,以便可以一次又一次地清理组.
However, I have no way of knowing because there doesn't seem to be API to just read the group and the tokens so that the groups could be cleaned every now and again.
此外,我的早期代码有问题,并且我没有捕获Notification_key,所以现在我无法对其中一个组进行添加,删除或执行任何操作.我讨厌这样的想法,即我将不得不永远把被烧毁的团体留在火堆云中.
Also, my early code bugged and I didn't capture the notification_key so now I can't add, remove or do anything to one of my groups. I hate the idea that I'll have to leave burned groups lying around in the firebase cloud for ever and ever.
我认为FCM应该提供更多的API访问权限,以帮助我们保持位置整洁.
I think FCM should provide more API access to help us keep the place tidy.
这篇关于Firebase Cloud Messaging设备组泄漏的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
