在Firebase中处理从iOS生成的一小时令牌到期,用于节点身份验证 [英] Handling one hour token expiration in Firebase generated from iOS used for node auth
问题描述
我的申请流程:
通过iOS登录到Firebase.检索firebase令牌并存储在钥匙串中-
Login into Firebase through iOS. Retrieve the firebase token and store in the keychain -
FIRAuth.auth()?.currentUser?.getTokenWithCompletion({ (token, err) in
//store token in keychain
})
此令牌在标头中发送到我的节点服务器以验证请求-
This token is sent in the header to my node server to authenticate requests -
firebase.auth().verifyIdToken(firebaseAccessToken).then(function(decodedToken) {
//allow access to api
}
令牌随后将在一个小时后失效.我的问题是我应该如何处理?
The token then expires after an hour. My question is how should I handle this?
- 存储在客户端上检索令牌的时间,并强制输入如有需要,请刷新
- 刷新每个API调用的令牌
- 使用令牌进行身份验证,然后创建另一个具有更长到期时间的令牌服务器端,并将其存储为身份验证令牌
还是这里还有其他选择?
Or is there another option here?
推荐答案
手动将令牌存储在钥匙串上,可以有效解决(并错误地重新实现)Firebase SDK提供的行为.首先,您不应该这样做.
Storing the token on the keychain manually is effectively fighting – and incorrectly reimplementing – the behavior provided by the Firebase SDK. You should not do that in the first place.
然后,第二个选项是最干净的:每次在调用后端服务之前调用 getTokenWithCompletion
.这是一个便宜的通话,因为它只会在令牌过期时刷新令牌.
Then, the second option is the cleanest: call getTokenWithCompletion
every time before calling your backend service. It's a cheap call, as it will only refresh the token if it has expired.
这篇关于在Firebase中处理从iOS生成的一小时令牌到期,用于节点身份验证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!