如何在没有客户端身份验证的情况下从服务器对Firebase用户进行身份验证? [英] How to authenticate a firebase user from server without client side auth?
问题描述
我有一个使用节点admin sdk进行连接并调用firebase的API.我的客户需要我的api来满足他们的所有需求.我不希望他们必须直接向Firebase进行身份验证,因为我希望客户端代码与api和后端分离.
I have an API which uses the node admin sdk to connect and call to firebase. My clients hit my api for all the things they need. I do not want them to have to call out to firebase to authenticate directly because I want the client code decoupled from the api and backend.
服务器如何对它们进行身份验证?基于当前文档,即使是最低要求,客户端也必须将其uid提供给api(假定它们自己进行了身份验证,对吗?).
How can the server authenticate them? Based on current docs even at minimum clients must provide their uid to the api (which assumes they authenticated on their own, right?).
理想情况下,客户端将在ssl上的POST正文中向我的api提供用户名和密码,并且api会将它们登录并发送回其id令牌.推荐的方法是什么?
Ideally, the clients would provide username and password in the body of a POST over ssl to my api and the api would log them in and send back their id token. What would be the recommended way to do this?
推荐答案
只想提供一个更新:可以在这里找到未记录的REST API的答案:
Just wanted to provide an update: an answer to this with undocumented REST API's can be found here: Firebase REST auth when creating token with node.js admin sdk
如果可以的话,我会将其标记为答案.
If I could I would mark this as the answer.
这篇关于如何在没有客户端身份验证的情况下从服务器对Firebase用户进行身份验证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!