I don't mean custom authentication with Firebase. What I need is slightly different from that custom authentication that generates tokens in the application server and allows access in Firebase. Actually, I'm trying to authenticate in Firebase with e-mail and password, for instance, and with that authentication be able to access RESTful services in some application server. Is this possible? I think that in some way a token could be sent to the application server after Firebase authentication and that server would validate the auth token against Firebase.
Client --------authenticates ------->> Firebase
Client <<--------auth token ---------- Firebase
Client --------- sends ------------->> Application server (NodeJS)
App Server ------- validates (auth token) ---->> Firebase
Thanks in advance.
Because Firebase ID tokens are stateless JWTs, you can determine a token has been revoked only by requesting the token's status from the Firebase Authentication backend. For this reason, performing this check on your server is an expensive operation, requiring an extra network round trip.
There are two ways to verify a token: locally or remotely with Okta. The token is signed with a JSON Web Key (JWK) using the RS256 algorithm. To validate the signature, Okta provides your application with a public key that can be used.
You can sign in users to your Firebase app either by using FirebaseUI as a complete drop-in auth solution or by using the Firebase Authentication SDK to manually integrate one or several sign-in methods into your app. FirebaseUI is the recommended way to add a complete sign-in system to your app.
import firebase from 'firebase/app';
import 'firebase/auth';
import 'firebase/firestore';
import axios from 'axios';

const googleAuthProvider = new firebase.auth.GoogleAuthProvider();
const auth = firebase.auth();

// Let a failed sign-in reject instead of returning the error object as if it were a result.
const authenticates = await auth.signInWithPopup(googleAuthProvider);

You will get data from authenticates:

// Google ID token issued by the OAuth provider during the popup sign-in.
const authtoken = authenticates.credential.idToken;
const email = authenticates.user.email;
...

// Send the token to the application server as a Bearer credential.
const sends = await axios({
  method: 'post',
  url: `${API_BASE_URL}/request`,
  headers: {
    'Authorization': `Bearer ${authtoken}`,
  },
  data: {
    from: next_cursor,
    size: next_cursor + 100,
  }
});
We will have app_oauth2_client_id when we initialize Firebase authentication.

import { OAuth2Client } from 'google-auth-library';

const oauth2Client = new OAuth2Client(process.env.app_oauth2_client_id);

// Verifies the ID token for this client ID and returns its claims.
async function verifyOauth2Token(token) {
  const ticket = await oauth2Client.verifyIdToken({
    idToken: token,
    audience: [process.env.app_oauth2_client_id]
  });
  return ticket.getPayload();
}

const tokenInfo = await verifyOauth2Token(token);

For tokenInfo:
{
iss: 'accounts.google.com',
azp: '671303332471-5n8014rorllmd09n8mmadesc2qidpda5.apps.googleusercontent.com',
aud: '671303332471-5n8014rorllmd09n8mmadesc2qidpda5.apps.googleusercontent.com',
sub: '100037911230177975416',
email: '[email protected]',
email_verified: true,
at_hash: '3rxsMOftrr9NZWlBkYznuQ',
iat: 1635842823,
exp: 1635846423
}
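
As an added example (not code from the answer above or from Firebase, Google or Okta), this sketch shows what local verification of an RS256-signed ID token involves on the application server: pin the algorithm, check the signature against a known public key, then check `aud`, `iss` and `exp`. The key pair, the `demo-key` key id, the issuer `https://issuer.example` and the client id `example-client-id` are constructed for the demo; as noted above, a local check like this cannot detect revocation.

```javascript
// Added example: local verification of an RS256-signed ID token (Node built-ins only).
const { generateKeyPairSync, createSign, createVerify } = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const decode = (part) => JSON.parse(Buffer.from(part, 'base64url').toString('utf8'));

// Constructed issuer key pair; a real server fetches the provider's published public keys.
const { publicKey, privateKey } = generateKeyPairSync('rsa', { modulusLength: 2048 });

// Demo-only signer so the example has tokens to verify offline.
function signToken(payload, header = { alg: 'RS256', typ: 'JWT', kid: 'demo-key' }) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${input}.${b64url(createSign('RSA-SHA256').update(input).sign(privateKey))}`;
}

function verifyIdToken(token, { keys, audience, issuers, now = Math.floor(Date.now() / 1000) }) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('malformed token');
  const [h, p, s] = parts;
  const header = decode(h);
  // Pin the algorithm so the token cannot downgrade to "none" or HS256.
  if (header.alg !== 'RS256') throw new Error('unexpected alg');
  const key = keys.get(header.kid);
  if (!key) throw new Error('unknown kid');
  const valid = createVerify('RSA-SHA256').update(`${h}.${p}`).verify(key, Buffer.from(s, 'base64url'));
  if (!valid) throw new Error('bad signature');
  // Claims are trusted only after the signature check has passed.
  const claims = decode(p);
  if (claims.aud !== audience) throw new Error('wrong audience');
  if (!issuers.includes(claims.iss)) throw new Error('wrong issuer');
  if (typeof claims.exp !== 'number' || claims.exp <= now) throw new Error('expired');
  if (!claims.sub) throw new Error('missing sub');
  return claims;
}

// Returns null when the token is accepted, otherwise the rejection reason.
function rejectionReason(token, opts) {
  try { verifyIdToken(token, opts); return null; } catch (err) { return err.message; }
}

// Constructed sample values.
const NOW = 1700000000;
const OPTS = { keys: new Map([['demo-key', publicKey]]), audience: 'example-client-id',
  issuers: ['https://issuer.example'], now: NOW };
const GOOD = { iss: 'https://issuer.example', aud: 'example-client-id', sub: 'user-123',
  iat: NOW - 60, exp: NOW + 3540 };

console.log(rejectionReason(signToken(GOOD), OPTS));                      // null
console.log(rejectionReason(signToken({ ...GOOD, exp: NOW - 1 }), OPTS)); // 'expired'
```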