admin管理员组文章数量:1345288
I'm trying to create a "remember me" function for my web app that uses Firebase.
My goal is that when a user clicks "remember me" and logs in successfully, their authentication token is stored using localStorage and they are logged in automatically on their next visit (I prefer this to storing their raw credentials in localStorage for security purposes).
However, when I tried to call firebase.auth().createCustomToken I got an error saying it does not exist. Is this the wrong approach or the wrong function call for firebase? Thanks!
Here is a sample of my code:
var customToken = firebase.auth().createCustomToken(user.uid);
localStorage.setItem("savedToken", customToken);
then later I plan to use this line to sign back in:
firebase.auth().signInWithCustomToken(localStorage.getItem("savedToken")).then(function() {
I'm trying to create a "remember me" function for my web app that uses Firebase.
My goal is that when a user clicks "remember me" and logs in successfully, their authentication token is stored using localStorage and they are logged in automatically on their next visit (I prefer this to storing their raw credentials in localStorage for security purposes).
However, when I tried to call firebase.auth().createCustomToken I got an error saying it does not exist. Is this the wrong approach or the wrong function call for firebase? Thanks!
Here is a sample of my code:
var customToken = firebase.auth().createCustomToken(user.uid);
localStorage.setItem("savedToken", customToken);
then later I plan to use this line to sign back in:
firebase.auth().signInWithCustomToken(localStorage.getItem("savedToken")).then(function() {
- 2 Please show your code. It's much easier to debug when we can see what you've tried. – Soviut Commented Aug 29, 2016 at 1:17
2 Answers
Reset to default 7firebase.auth().createCustomToken is only available in the server API.
To authenticate with an email & password and get the token for the session, try this:
firebase.auth().signInWithEmailAndPassword(email, password)
.then(function(user) {
user.getToken().then(function(token) {
localStorage.setItem("savedToken", token); // store the token
});
})
.catch(function(error) {
// handle error...
});
This will work with the other authentication methods, too; just use User.getToken. Later, if you have a token (still on the client), and you want to authenticate with it, just do what you are currently doing:
var token = localStorage.getItem("savedToken"); // get stored token
firebase.auth().signInWithCustomToken(token).catch(function(error) {
// handle error...
});
The above code doesn't work, because signInWithCustomToken only works for tokens minted by your server with createCustomToken. I'm not sure how to auth with an email/password token.
Creating a custom token requires having access to the private key/service account of your Firebase project. This key is the master key to gaining access to a Firebase project, knowing it gives unlimited access.
Since someone knowing the private key has unlimited access to the Firebase project, it makes no sense to ever mint custom tokens on the client. You might as simply remove all security from your Firebase database and storage services.
To authenticate a client using a custom token, mint a custom token on an app server and pass that (securely) to the client. Then use the custom on the client with signInWithCustomToken. This way only your app server has to know the service account/private key.
本文标签: javascriptfirebaseauth()createCustomToken is undefined on web appStack Overflow
版权声明:本文标题:javascript - firebase.auth().createCustomToken is undefined on web app - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1743806882a2542338.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论