如何使用 Firebase 登录多个社交服务? [英] How can I login with multiple social services with Firebase?
问题描述
我希望用户能够使用多个不同的身份验证提供商(例如 Facebook、Twitter 或 Github)对我的 Firebase 应用程序进行身份验证.通过身份验证后,我希望用户无论使用哪种身份验证方法都可以访问同一个帐户.
I want users to be able to authenticate to my Firebase application using multiple different auth providers, such as Facebook, Twitter, or Github. Once authenticated, I want users to have access to the same account no matter which auth method they used.
换句话说,我想在我的应用程序中将多个身份验证方法合并到一个帐户中.如何在 Firebase 应用中执行此操作?
In other words, I want to merge multiple auth methods into a single account within my app. How can I do this in a Firebase app?
推荐答案
更新 (20160521):Firebase 刚刚发布了对其 Firebase 身份验证 产品,现在允许单个用户链接来自各种受支持提供商的帐户.要了解有关此功能的更多信息,请阅读 iOS 的文档,网络 和 安卓.下面的答案是由于历史原因留下的.
Update (20160521): Firebase just released a major update to its Firebase Authentication product, which now allows a single user to link accounts from the various supported providers. To find out more about this feature, read the documentation for iOS, Web and Android. The answer below is left for historical reasons.
核心 Firebase 服务提供多种身份验证方法:https://www.firebase.com/docs/security/authentication.html
The core Firebase service provides several methods for authentication: https://www.firebase.com/docs/security/authentication.html
Firebase 的核心是使用安全的 JWT 令牌进行身份验证.任何导致生成 JWT 令牌的东西(例如在您自己的服务器上使用 JWT 库)都将用于对您的用户进行 Firebase 身份验证,因此您可以完全控制身份验证过程.
At its core, Firebase uses secure JWT tokens for authentication. Anything that results in the production of a JWT token (such as using a JWT library on your own server) will work to authenticate your users to Firebase, so you have complete control over the authentication process.
Firebase 提供了一项名为 Firebase Simple Login 的服务,这是生成这些令牌的一种方式(这提供了我们的 Facebook、Twitter 等身份验证).它适用于常见的身份验证场景,以便您无需服务器即可快速启动和运行,但这不是身份验证的唯一方法,也不是一个全面的解决方案.
Firebase provides a service called Firebase Simple Login that is one way to generate these tokens (this provides our Facebook, Twitter, etc auth). It's intended for common auth scenarios so that you can get up and running quickly with no server, but it is not the only way to authenticate, and isn't intended to be a comprehensive solution.
这是一种允许使用 Firebase 简单登录通过多个提供商登录的方法:
Here's one approach for allowing login with multiple providers using Firebase Simple Login:
- 为每个用户存储一个规范的用户标识符,以及一个映射每个特定于提供者的标识符对应一个规范 ID.
- 更新您的安全规则以匹配给定的用户帐户,而不仅仅是一个.
在实践中,安全规则可能如下所示,假设您要同时启用 Twitter 和 Facebook 身份验证(或允许用户使用其中一个创建帐户,然后再添加另一个):
In practice, the security rules might look like this, assuming you want to enable both Twitter and Facebook authentication (or allow a user to create an account with one and then later add the other):
{
"users": {
"$userid": {
// Require the user to be logged in, and make sure their current credentials
// match at least one of the credentials listed below, unless we're creating
// a new account from scratch.
".write": "auth != null &&
(data.val() === null ||
(auth.provider === 'facebook' && auth.id === data.child('facebook/id').val() ||
(auth.provider === 'twitter' && auth.id === data.child('twitter/id').val()))"
}
},
"user-mappings": {
// Only allow users to read the user id mapping for their own account.
"facebook": {
"$fbuid": {
".read": "auth != null && auth.provider === 'facebook' && auth.id === $fbuid",
".write": "auth != null &&
(data.val() == null ||
root.child('users').child(data.val()).child('facebook-id').val() == auth.id)"
}
},
"twitter": {
"$twuid": {
".read": "auth != null && auth.provider === 'twitter' && auth.id === $twuid",
".write": "auth != null &&
(data.val() == null ||
root.child('users').child(data.val()).child('twitter-id').val() == auth.id)"
}
}
}
}
在此示例中,您存储一个全局用户 ID(可以是您选择的任何内容)并维护 Facebook、Twitter 等身份验证机制与主要用户记录之间的映射.为每个用户登录后,您将从用户映射中获取主要用户记录,并将该 id 用作用户数据和操作的主要存储.以上还限制和验证了用户映射中的数据,以便只能由在/users/$userid/(facebook-id|twitter) 下已经拥有相同 Facebook、Twitter 等用户 ID 的正确用户写入数据-id|etc-id).
In this example, you store one global user id (which can be anything of your choosing) and maintain mapping between Facebook, Twitter, etc. authentication mechanisms to the primary user record. Upon login for each user, you'll fetch the primary user record from the user-mappings, and use that id as the primary store of user data and actions. The above also restricts and validates the data in user-mappings so that it can only be written to by the proper user who already has the same Facebook, Twitter, etc. user id under /users/$userid/(facebook-id|twitter-id|etc-id).
这个方法会让你快速上手.但是,如果您有一个复杂的用例并希望完全控制身份验证体验,您可以在自己的服务器上运行自己的身份验证代码.您可以使用许多有用的开源库来执行此操作,例如 everyauth 和 护照.
This method will let you get up and running quickly. However, if you have a complicated use case and want complete control over the auth experience, you can run your own auth code on your own servers. There are many helpful open source libraries you can use to do this, such as everyauth and passport.
您还可以使用 3rd 方身份验证提供程序进行身份验证.例如,您可以使用 Singly,它具有多种开箱即用的集成,无需您编写任何服务端代码.
You can also authenticate using 3rd party auth providers. For example, you can use Singly, which has a huge variety of integrations out-of-the-box without you needing to write any server-side code.
这篇关于如何使用 Firebase 登录多个社交服务?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
