获取/使用Firebase JWT [英] Obtaining/using Firebase JWT
问题描述
很早以前就加入Firebase文档,并且到目前为止还真的很喜欢它......................................................................作为n00b,这是一个概念性问题-Firebase身份验证生成的(JWT)令牌是否可以在客户端访问?
Early into Firebase docs and really liking it so far. Being n00b, a conceptual question here - is the (JWT) token generated by Firebase authentication accessible client-side?
我希望调用一些 external 服务,并希望利用JWT作为安全机制.所以:
I'm looking to call some external service and want to leverage JWT as the security mechanism. So:
- 使用Firebase内置提供程序(纯粹是客户端)对用户进行身份验证
- 获取Firebase JWT(我的问题)
- 在需要时将此JWT传递给外部服务,并对其进行验证(使用我的应用程序FBase机密)以访问"外部服务
本质上,利用现有Firebase机制作为外部服务的网关"形式.
In essence, leverage existing Firebase mechanisms as a form of "gateway" to external service(s).
我在这里看到了旧答案-".... token以重新加载页面,需要以某种方式存储它,以便客户端..."-这是 JWT
的 token
吗?
I saw an old answer here - "....token to survive page reloads, then you need to store it in some way so the client..." - is this token
the JWT
?
谢谢!
推荐答案
Firebase确实将JWT保留在本地存储中.
Firebase indeed keeps the JWT in local storage.
JSON.parse(localStorage.getItem("firebase:session::<app-name>")).token
您还可以从authData获得它,该数据可以作为 token
属性的值使用.
You can also get it from the authData, where it is available as the value of the token
property.
ref.onAuth(function(authData) { console.log(authData.token); })
但是首选的方法是按照克里斯在评论中所说的做
But the preferred way is to do what Chris said in the comments:
ref.getAuth().token
这篇关于获取/使用Firebase JWT的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!