Firebase authentication necessary for IoT ?
I am new to programming and are mainly progressing by looking at other peoples great achievements!
But... Is authentication necessary for IoT?
The only setting that can be done in my project is to manipulate WiFi in the WiFiManager during startup.
Thinking as long as no one has else has access to the "API_KEY" and the "DATABASE_URL" are you not safe?
I mean if the "bad guy" somehow manage to extract "API_KEY" and "DATABASE_URL" from the chip I guess the Email and Password can be extracted as well. No one else will have access to Firebase but me. And nothing else should log in the Firebase but my devices with my code. And all devices will have the same user (email / password).
Well, now when I finally got Email / Password working I guess there is no reason not to use it. Or am I adding unnecessary complexity or introducing more points of failure?
I share the links that finally made me end up with a functional authentication:
But then I read that security is good and after some headache I managed to get "password authentication" working with help of this tutorial which shows how to navigate around in the Firebase console to enable email / password authentication.:
Finally I found this sketch to demonstrate and verify that it is working.
: