如何在没有客户端身份验证的情况下从服务器对Firebase用户进行身份验证? [英] How to authenticate a firebase user from server without client side auth?

问题描述

我有一个使用节点admin sdk进行连接并调用firebase的API.我的客户需要我的api来满足他们的所有需求.我不希望他们必须直接向Firebase进行身份验证，因为我希望客户端代码与api和后端分离.

I have an API which uses the node admin sdk to connect and call to firebase. My clients hit my api for all the things they need. I do not want them to have to call out to firebase to authenticate directly because I want the client code decoupled from the api and backend.

服务器如何对它们进行身份验证?基于当前文档，即使是最低要求，客户端也必须将其uid提供给api(假定它们自己进行了身份验证，对吗?).

How can the server authenticate them? Based on current docs even at minimum clients must provide their uid to the api (which assumes they authenticated on their own, right?).

理想情况下，客户端将在ssl上的POST正文中向我的api提供用户名和密码，并且api会将它们登录并发送回其id令牌.推荐的方法是什么?

Ideally, the clients would provide username and password in the body of a POST over ssl to my api and the api would log them in and send back their id token. What would be the recommended way to do this?

推荐答案

只想提供一个更新:可以在这里找到未记录的REST API的答案:

Just wanted to provide an update: an answer to this with undocumented REST API's can be found here: Firebase REST auth when creating token with node.js admin sdk

如果可以的话，我会将其标记为答案.

If I could I would mark this as the answer.

这篇关于如何在没有客户端身份验证的情况下从服务器对Firebase用户进行身份验证?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！