Mobile app using Firebase or Cloud Endpoints authentication with Google App Engine backend

Question

I am developing a Mobile app (Ionic) with the backend in Google App Engine. This app needs to login using Google authentication and security interchange with Google App Engine (Python) application.

Google is showing 2 configurations to achieve this.

1. Mobile Client <-> Firebase <-> Google App Engine:

2. Mobile Client <-> Cloud Endpoints <-> App Engine:

In my current approach 1, the Ionic app is able to login to Google and exchange information with Firebase, Firebase is able to interact with Google App Engine, but I'm not sure how to get Ionic app to authentication and security interchange with Google App Engine.

Can I use this approach? OR do I need to use 2 Mobile Client <-> Cloud Endpoints <-> App Engine

Thank you.

Answer 1

I am also running approach 1 for my application.

You will receive on your android client an authentication token from Firebase after login.

Next you need to pass this token to your cloud endpoints. See the following link:

Send Firebase Token from Android to Google Cloud Endpoints

You have to verify the token on Google App Engine. Please see:

How do I secure my Google Cloud Endpoints APIs with Firebase token verification?

and please see

Google Cloud Endpoints and user's authentication

for implementing your own custom Authenticator for your Cloud Endpoints

Answer 2

You are right in using the first approach as it enables you to benefit from the Firebase infrastructure and its added functionalities as stated on the platform’s page.

Now, the Authenticating Users on App Engine Using Firebase tutorial is an excellent example of assembling an app according to your first configuration. You may want to look at the Authenticating users on the server section for more details on how your Ionic app would interact with the App Engine server. It is explained that once your users are signed-in via the added Firebase Authentication user interface (on your Ionic app), the communication between the app and the server is handled through tokens as described here.

The second approach is also possible, but you will have to implement your own authentication mechanism or use a similar application framework as Flask. A framework which the application in the provided tutorial is already based on.