具有Firebase身份验证的云终端 [英] Cloud Endpoints with Firebase Authentication

问题描述

我要完成的工作是，将使用Google App Engine上运行的网络服务的使用限制为使用Firebase Auth登录的我的应用程序用户.

What I am trying to accomplish is I want to limit the use of the web service running on Google App Engine to my app users that login with Firebase Auth.

如何将安全规则添加到openAPI规范中，以允许用户仅请求其uuid信息?因此，如果用户使用该uuid登录到Firebase Auth，则他们将只能使用Web服务获取有关其uuid的信息

How can I add security rules to the openAPI specification to allow users to request only information of their uuid? So users will just be able to use the web service to get the information about their uuids, if they are logged in to Firebase Auth with that uuid

推荐答案

您必须通过安全连接将用户的ID令牌从客户端应用传递到服务器.然后，您可以在服务器上验证该ID令牌，并根据用户的身份自定义数据访问权限.

You'd have to pass along the ID token of your user from the client app to your server over a secure connection. Then on your server you can verify that ID token, and customize data access on the user's identity.

有关更多信息，请参见有关验证ID令牌的Firebase文档.

For more on this, see the Firebase documentation on verifying ID tokens.

这篇关于具有Firebase身份验证的云终端的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！