How to authenticate a user in firebase-admin in nodejs?

Question

How to authenticate a user in firebase-admin in nodejs?

I am currently creating a Firebase API for nodejs. I would like to process all Firebase objects (e.g. authentication) using firebase-admin on nodejs. But what is the correct way to authenticate a user through nodejs in firebase-admin without the Javascript Firebase SDK on the client side? In the official documentation for the administrator, I did not find a function called signInWithEmailAndPassword (for example, as on the client side of the SDK) for nodejs. There is only a function called " getUserByEmail ", but this function does not check if the user has entered the correct password.

This is my form:

<form class="sign-box" action="/login" method="post"> <div class="form-group"> <input id="username" name="username" type="text" class="form-control" placeholder="E-Mail"/> </div> <div class="form-group"> <input id="password" name="password" type="password" class="form-control" placeholder="Password"/> </div> <button type="submit" class="btn btn-rounded">Sign in</button> </form>

After submitting the form, I pass the values to my API in nodejs:

 app.post('/login', urlencodedParser, function (req, res) { // getting the values response = { username: req.body.username, password: req.body.password }; // authenticate the user here, but how ? });

My first idea was to use the Firebase SDK on the client side to login using signInWithEmailAndPassword and get the uid. As soon as I had a UID, I wanted to send the UID to nodejs and call the createCustomToken function and return the generated token (with some additional complaints) back to the client. As soon as I get the token back, I would use the signWithCustomToken function (on the client side) to authenticate the user. Is this right or is there a better way?

+5

authentication node.js firebase-admin

Harry Jul 04 '17 at 7:31

source share

2 answers

moplin · Answer 1 · 2017-07-25T15:32:51+0000

In fact, for authentication you will need to use a regular firebase api, not an admin.

This will first give you an updated firebase token, not a custom token. If you like, you can do the same to get a custom token, if you need a custom token, I also have an example.

npm install firebase --save

 const firebase = require("firebase"); const config = { apiKey: "", authDomain: "", databaseURL: "", projectId: "", storageBucket: "", messagingSenderId: "" }; firebase.initializeApp(config);

I host my firebase function for login, but you can easily change it.

 exports.login = functions.https.onRequest((req, rsp)=>{ const email = req.body.email; const password = req.body.password; const key = req.body.key; const _key = '_my_key_'; let token = ''; if(key === _key){ firebase.auth().signInWithEmailAndPassword(email,password).then((user)=>{ //The promise sends me a user object, now I get the token, and refresh it by sending true (obviously another promise) user.getIdToken(true).then((token)=>{ rsp.writeHead(200, {"Content-Type": "application/json"}); rsp.end(JSON.stringify({token:token})); }).catch((err)=>{ rsp.writeHead(500, {"Content-Type": "application/json"}); rsp.end(JSON.stringify({error:err})); }); }).catch((err)=>{ rsp.writeHead(500, {"Content-Type": "application/json"}); rsp.end(JSON.stringify({error:err})); }); } else { rsp.writeHead(500, {"Content-Type": "application/json"}); rsp.end(JSON.stringify('error - no key')); } });

NOTE. I use this login function to test my other functions with Postman, so I send the key, so I can use it privately.

Now, combining ADMIN and FIREBASE node apy, I can do a lot of interesting things with the HTTP functions on my Firebase.

Hope this helps.

Matthew Rideout · Answer 2 · 2018-01-29T15:10:37+0000

For any user responsible for the servers, I was brought here because I tried to authenticate users in firebase without the Javascript Firebase SDK on the client side. I am creating a server side response application. On the client side, firebase.auth () does not work the server environment node on the server side.

Turns out you can run firebase.auth () commands inside componentDidMount () , because this is not running on the server. Here you can authenticate and get your user token, and then send it to the cloud function for any server-side rendering that requires user authentication.

On the server side, you can check the token using admin sdk.

You will also need to require firebase / app and firebase / auth, as well as initialize firebase in your bundle.js node for your browser so that it is not included in your bundle.js server

 componentDidMount() { firebase.auth().onAuthStateChanged(function(user) { if (user) { console.log("User signed in!"); } else { console.log("User NOT signed in!"); } }); }

How to authenticate a user in firebase-admin in nodejs?

More articles: