从服务器登录用户的Firebase Admin SDK [英] Firebase Admin SDK to Log user in from Server

问题描述

我一直在Node JS代码中使用Firebase Admin SDK从服务器端对用户进行身份验证.

I have been using Firebase Admin SDK in my Node JS code for authenticating users from the server side.

Admin SDK提供了一种方法admin.auth().createUser()来创建新用户.

The Admin SDK provides a method admin.auth().createUser() to create new users.

admin.auth().createUser({
        email,
        password,
        displayName: name
    })
    .then(function(user) {
        console.log("Successfully created new user:", user.uid)
        return res.send(user)
    })
    .catch(function(err) {
        console.log("Error creating new user:", err)
        return res.send(err)
    })

但是现在如何像Firebase Client SDK中的方法auth.signInWithEmailAndPassword(email, pass)那样使用户登录.

But now how to make a user login like there is a method auth.signInWithEmailAndPassword(email, pass) in the Firebase Client SDK.

firebase管理员SDK上有一种方法可以通过电子邮件admin.auth().getUserByEmail(email)获取用户信息.此方法返回所有用户信息，包括密码，但该密码被散列.因此，现在有任何变通办法可以让Server中的用户进行正确的身份验证.

There is a method on the firebase admin SDK to get the user info by Email admin.auth().getUserByEmail(email). This method returns all the user information including password but that password is hashed. So now is there any workaround to have a proper authenticate users from Server.

推荐答案

我的评论有些迟了，但是一种选择是直接使用Firebase REST API，但将其集成到您自己的服务器端API中进行身份验证.然后结合使用它和Admin SDK将其包装起来. REST API文档可在此处找到 https://firebase.google.com/docs/reference/rest/auth/#section-sign-in-email-password .您可以通过自己的API减轻客户端的负担，并包装所有Firebase身份验证内容，自定义声明，登录，注销等.您只需要使用两种方法即可.这将使您摆脱应用程序和API中的任何依赖关系，就像将它们全都放在一个服务提供商中一样.值得深思.

My comment is a bit late but one option would be to use the Firebase REST API directly but integrated into your own server-side API for authentication. And then use a combination of that and the Admin SDK to wrap it all up. REST API docs can be found here https://firebase.google.com/docs/reference/rest/auth/#section-sign-in-email-password. You could keep your client light weight and wrap up all Firebase auth stuff, custom claims, login, logout etc. all through your own API. You would just need to use both methods to do so. This would abstract you away from any dependencies in your app and API as you could put it all in a single service provider. Just food for thought.

这篇关于从服务器登录用户的Firebase Admin SDK的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！