Geo*_*ett 12 firebase firebase-authentication google-cloud-functions
有没有办法在触发云功能之前检查用户是否已获得firebase授权?(或在功能内)
Mic*_*igh 35
是.您需要将Firebase ID令牌与请求一起发送(例如在AuthorizationAJAX请求的标头中),然后使用Firebase Admin SDK进行验证.Cloud Functions for Firebase示例存储库中有一个深入的示例.它看起来像这样(对于SO帖子做得更短):
const functions = require('firebase-functions');
const admin = require('firebase-admin');
const cors = require('cors')();
const validateFirebaseIdToken = (req, res, next) => {
cors(req, res, () => {
const idToken = req.headers.authorization.split('Bearer ')[1];
admin.auth().verifyIdToken(idToken).then(decodedIdToken => {
console.log('ID Token correctly decoded', decodedIdToken);
req.user = decodedIdToken;
next();
}).catch(error => {
console.error('Error while verifying Firebase ID token:', error);
res.status(403).send('Unauthorized');
});
});
};
exports.myFn = functions.https.onRequest((req, res) => {
validateFirebaseIdToken(req, res, () => {
// now you know they're authorized and `req.user` has info about them
});
});
| 归档时间: |
|
| 查看次数: |
5098 次 |
| 最近记录: |