有没有办法确定Firebase用户的UID是否有效? [英] Is there a way to determine if a Firebase user's UID is valid?
问题描述
我正在建立一个服务器路由,我希望限制该服务器路由仅由已认证的用户使用.我计划将带有POST的user.uid发送到此路由,并且我想验证UID是Firebase中存在的UID.我知道我可以在Firebase中手动添加UID并对照此数据进行检查,但是可以查看Firebase身份验证正在跟踪哪些UID?我认为这种方法比检查我自己的列表会更好.
I am building a server route that I wish to restrict for use only by authenticated users. I plan to send a user.uid with a POST to this route, and I want to validate the UID is one that exists in Firebase. I know I can add UIDs manually in Firebase and check against this data, but is it possible to see what UIDs Firebase authentication is tracking? I think this approach would be better then checking against my own list.
这样做的目的是确保不会使用伪造的UID(例如出于恶意目的)访问这些路由.
The purpose for this is to ensure that these routes are not accessed with a phony UID (e.g. for malicious purposes).
推荐答案
您可以使用服务器上的Firebase Admin SDK来检查特定的UID是否与项目中的Firebase身份验证用户相对应.从有关检索用户数据的Firebase文档:
You can check whether a specific UID corresponds to a Firebase Authentication user in your project by using the Firebase Admin SDK on your server. From the Firebase documentation on retrieving user data:
admin.auth().getUser(uid)
.then(function(userRecord) {
// See the UserRecord reference doc for the contents of userRecord.
console.log("Successfully fetched user data:", userRecord.toJSON());
})
.catch(function(error) {
console.log("Error fetching user data:", error);
});
这篇关于有没有办法确定Firebase用户的UID是否有效?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!