I am developing a simple file uploader project for Android. It relies on:
- A web hosting server with some PHP scripts to handle uploads and deletions.
- The app, from which the user can upload files.
I don’t want every user of the app can access every user’s uploaded files; so I want to add an auth service (Firebase Auth in this case) to, once a user sucessfully logs in (preferably with Google), the correct files are displayed on his phone.
As a COMPLETE NEWBIE at anything web-related, my theory is that I should do something like that in order to achieve what I want:
Authenticate the user, get their UID (even though it’s not recommended) and perform a POST
HttpRequest with that UID. This would involve having an SQL database in my server which stores the UIDs.
However, I can’t find information to confirm whether my approach is good or not: I am investing a lot of time in this app and I don’t want to build a faulty piece of software. Could you please shed some light on the topic? Thank you!