我有一个客户端应用程序,用 angular4 编写,它与 firebase 服务器通信。目前我正在尝试将 nodejs 与 firebase 集成,以便它也可以与客户端应用程序通信。
Firebase <----> Client (Angular4) <----> NodeJs(firebase-admin) <----> Firebase
我已经设置了一个 fire-admin 配置:
var admin = require("firebase-admin");
var serviceAccount = require("./server/myfile.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://mydb.firebaseio.com"
});
并且能够像这样检索数据:
var db = admin.database();
var ref = db.ref("messages");
ref.once("value", function(snapshot) {
console.log(snapshot.val());
});
但是如何在 NodeJS 服务器中检查客户端应用程序中的用户是否已登录?我需要这个 NodeJS 服务器来与客户端通信,并在需要时提供数据和文件。
最佳答案
基本上我按照 Firebase 文档解决了一个问题:
If your Firebase client app communicates with a custom backend server, you might need to identify the currently signed-in user on that server. To do so securely, after a successful sign-in, send the user's ID token to your server using HTTPS. Then, on the server, verify the integrity and authenticity of the ID token and retrieve the uid from it. You can use the uid transmitted in this way to securely identify the currently signed-in user on your server.
在 Angular4 应用程序中我的 Facebook 登录:
loginFb() {
this.loading = true;
this.afAuth.auth.signInWithPopup(new firebase.auth.FacebookAuthProvider()).then(
(user) => {
console.log('loginFB');
console.log(user);
var token = this.afAuth.auth.currentUser.getToken().then(
(token) => console.debug(`******** Token: ${token}`)); <== TOKEN
this.af.object(`/users/${user.uid}`).update({
displayName: user.auth.displayName,
email: user.auth.email,
photoURL: user.auth.photoURL
});
this.router.navigate(['/']);
}).catch(
(err) => {
this.loading = false;
this.error = err;
});
}
我的 NodeJS 服务器:
var admin = require("firebase-admin");
var serviceAccount = require("./server/service-account.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: "https://myapp.firebaseio.com"
});
...
//test method
router.get("/isAuth/:token", function (req, res) {
var token = req.params.token;
admin.auth().verifyIdToken(token)
.then(function(decodedToken) {
var uid = decodedToken.uid;
console.log(`Current User ID: ${uid}`);
}).catch(function(error) {
console.log("Error: " + error);
});
});
这是检查身份验证的方式。
关于node.js - Nodejs Firebase 和 Angular4 身份验证,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/43991703/