如何使用Chrome扩展程序与Firebase Webapp进行通信以避免重复登录 [英] How to communicate firebase webapp with chrome extension to avoid double login
问题描述
我在创建外部网页和chrome扩展程序之间的通信时遇到问题.我想我需要这样的东西.
I have a problem with creating a communication between the external webpage and chrome extension. I suppose I need something like this.
- 用户尝试使用Firebase Auth(使用google/Fb/电子邮件-密码提供程序)以"example.com"上的登录表单登录
- 如果用户成功登录,则相同的凭据将发送到chrome扩展程序
- 该扩展程序使用已获取的凭据调用signInWithCredential,然后尝试再次登录
- 如果一切正常,则用户可以使用context_script使用firebase dB
但这是这样做的正确方法吗?将凭证(例如电子邮件/密码,令牌)从网页发送到扩展名(即使我使用带有扩展名ID的runtime.sendMessage仅将数据发送到特定扩展名),这是一种安全的解决方案?
But it's a proper way to do that? It's a secure solution to send credentials (for example email/password, tokens) from webpage to extension (even if I use runtime.sendMessage with extension id to send data only to specific extension)?
当前,Web应用程序和扩展身份验证分别工作.如果用户通过Web应用程序登录,扩展名则不知道,反之亦然.我需要进行类似Grammarly或moz.com的通信,在该通信中,用户通过网页登录,之后,他将不需要通过扩展程序登录即可使用其帐户.
Currently, web app and extension authentication work separately. If the user login via web app, extension don't know about it and vice versa. I need to have communication like Grammarly or moz.com, where the user login via webpage and after that he won't need to log in via an extension to work with his account.
推荐答案
您肯定需要做的就是将您的授权令牌(我想这是登录后存储在cookie中的)传递给插件,然后向您的请求遵循Bearer语法使用此服务?
Surely all you need to do is pass your authorization token (I guess this is stored in a cookie after login?) to the plugin and then make requests to your services using this following the Bearer syntax?
您可以通过在用户点击特定页面时将其写入chrome.storage来将其添加到扩展中(如果未找到令牌或令牌已过期,则单击扩展可将用户定向到该页面),然后进行设置令牌:
You can get it into the extension by writing it to chrome.storage when the user hits a specific page (A click on the extension could direct the user to that page if a token is not found or has expired), then set the token:
chrome.storage.sync.set({ access_token: sometoken }, function() {
console.log('Value is set to ' + sometoken);
});
这篇关于如何使用Chrome扩展程序与Firebase Webapp进行通信以避免重复登录的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
