I'm planning to develop an app with mindbody integrations api. I heard that we need a site-id (which is the customer id) to be able to develop and test an app. Is that right? This seems like a blocker. Don't they have a sandbox environment with which we can develop and test the apps?
Mindbody provides a sandbox studio.
Having an account created at https://developers.mindbodyonline.com/Home/LogIn gives you access to more API related information, including a link to sandbox account and credentials to login.
Related
I have python code that uses Gmail API for fetching unread emails and adding labels according to some rules.
The code runs on my computer and I wish to create a Gmail add-on for this labeling, the add-on should include a new button in the Gmail interface.
The problem is that Google add-on uses google app script.
I want to ask if there is a possibility to embed my python code into the google app script?
Thanks :)
You might use Python with Google Apps Script API to programmatically create and modify a Google Apps Script project, but the Google Apps Script uses V8 as it's runtime, and it requires JavaScript.
You might use Google Cloud Run (see https://cloud.google.com/run/docs/quickstarts/build-and-deploy/deploy-python-service) or another hosting infrastructure to use Python to use the Card Service to build the add-on user interface and use the Gmail API.
I think that it might be possible to use Google Colaboratory as the hosting infrastructure but I have no idea how convenient it will be compared to use Google Cloud Run.
I want some help with the database implementation in my project.
The final implementation:
Website:
I want to make a (flask) website where the user can create or delete an account.
Desktop application:
I also want to make a (PyQt) python application that the user can log in to his/her account via a login prompt.
Database:
I want to make a (firebase) database so the users can authenticate. The database will also collect some user information except the authentication credentials.
The implementation until now:
Firebase:
I created a “web app” in firebase so I communicate with firebase via firebaseConfig
Flask website:
I created a flask website that communicates with the firebase via the firebaseConfig. The user fills in a form, and the firebase authentication creates a user via (create_user_with_email_and_password). The database, also, collects some extra user information.
(I think that my code is “safe” as it is server-side)
The problem:
Python application:
I created a python application that the user can log in to the firebase authentication. The problem I faced is that I “have to” include the firebaseConfig in my python code. With the firebaseConfig I can create and delete users, but I don’t want the other users to have the ability to do this.
(so I think my code is unsafe because the communication with the firebase is client-side so someone may decompile the code and get the firebaseConfig).
What is the best way to make my project safer?
It sounds like you're using the Firebase Admin SDK for Python, which (like all Admin SDKs) runs with elevated privileges and should only be used in trusted environments (such as your development machine, a server that you control, or Cloud Functions/Cloud Run).
There is no Firebase-provided SDK for use in Python applications that you ship to regular users of your app. That means that your options are limited to either using the REST API to sign in with Firebase, or to use a 3rd party library, such as Pyrebase (be sure to not use a service account there, as that'd make it run with the same elevated privileges as the Admin SDK).
I made a CLI application in Python which uses Google Dialogflow.
As the documentation provides, I created a Service Account and downloaded the JSON file. Then I loaded it in Python and the application works.
Now I want to publish my software on GitHub and pip but when I load all the files I receive an e-mail from Google that states that I am not managing correctly my credentials. And I agree with that.
The problem is that I do not understand how to manage properly those credentials.
There is 2 solutions:
Either anyone can access to your backend, and you don't need a service account, because it's pubilc
Or, it's private and you don't publish your key (if the secret is known of everyone, the security is useless, make it public!). It's a requirement of the deployment to not commit publicly but to document and to explain how to configure the correct service account to use your app.
Provide more on your context and want you want to achieve to have better pieces of advice. What do you want to protect? Where will you deploy your app? ...
Just have a small doubt, I am building a small application in python which will use firebase database and storage, I am reading too much about firebase admin sdk, What is the basic difference between normal firebase services and firebase admin sdk or is it one and the same, also if i am starting development now is using firebase admin sdk recommended...?
Also i will integrate the database and storage to my android application.
I'll add on to what Doug said in his answer, I suspect you might be confusing the front-end Firebase packages with back-end admin packages.
If you are going to have the client interact with Firebase, you'll need to use front-end packages. Depending on the platform your front-end is being presented on (Web, iOS, Android, etc...) there are different options to suit your platform... web=JavaScript SDK... ios=ios SDK... etc...
The Admin SDKs allow you to add back-end functionality. Because there are so many different languages that can be used on the back-end, there are many flavors of the Admin SDK.
This release-notes page does a good job demonstrating the many "Firebase" packages available... both front-end and back-end.
If you're writing code with python and you want to access Firebase and Cloud serivces, the recommended option is to use the admin SDK. It's designed to be the easiest way to read and write data in your database, upload and download files to your Cloud Storage buckets, and perform other administrative functions, such as authenticated user management.
I'm not sure what you mean by "normal Firebase services".
Python Firebase admin SDK: If you use Firebase Admin SDK then you can have admin access to things without worrying about restrictions and rules on your database.
Python Firebase: If you use python firebase (normal firebase) then you need to authenticate each time you access your data (Means you can set rules and permissions for your document)
When I go to appengine.google.com/a/mydomain.com i am able to login and
see all my apps and administer them.
However, when I try to use the remote_api the same username/password does not work.
I'm using the interactive console code from http://code.google.com/appengine/articles/remote_api.html
This is a known issue with Google Accounts authentication. If you created an app and set it to use Google Accounts for authentication, and you yourself use a Google Apps account, you will not be able to authenticate against your app as an administrator using that account, even if you've created a Google Account for that email address. The workaround for now is to create a gmail account and add it as an administrator of your app, using that whenever you need to authenticate against your app as an administrator. You can still use your existing account for deployments and to log in to the admin console.
It's a pain, I know - I run into it every day myself.
I've come across the same issue while developing for GAE on google apps. To make it work, I've created a simple wrapper around a snippet provided by Nick (blog.notdot.net - I can't seem to find the proper reference right now) that has been working for me. You can find it here.