在哪里可以找到 auth.token 数据,在 firebase 对象中 [英] Where to find auth.token data, inside firebase objects
问题描述
我正在使用 signInWithCustomToken
,在身份验证后,我找不到我在服务器端设置的自定义声明数据的存储位置 (createCustomToken).
I am using signInWithCustomToken
, after authentication I can not find where is stored my custom claims data which I have set in the server side(createCustomToken).
我可以通过 auth.token 在 firebase 规则中看到它们,但是如何从我的 javascript 代码中通过 firebase 对象访问它们.
I can see them in firebase rules via auth.token, but how can I access them through firebase objects from within my javascript code.
推荐答案
令牌中的信息不会自动提供给您的应用程序代码.但是它是嵌入在token中的,所以你可以自己解码:
The information in the token is not automatically available to your application code. But it is embedded in the token, so you can decode it yourself:
function parseJwt (token) {
var base64Url = token.split('.')[1];
var base64 = base64Url.replace('-', '+').replace('_', '/');
return JSON.parse(window.atob(base64));
};
var user = firebase.auth().currentUser
user.getToken().then(data => {
console.log(parseJwt(data));
});
解析JWT的函数来自这个问题:How to decode jwtjavascript中的令牌
The function to parse the JWT comes from this question: How to decode jwt token in javascript
您会注意到它不会验证 ID 令牌是否有效.这在客户端代码中对我来说似乎很好,因为无论如何用户自己都会使用这些信息.但是,如果您确实想验证令牌,则必须使用更复杂的方法.
You'll note that it doesn't verify that the ID token is valid. That seems fine to me in client-side code, since the information will be used by the user themselves anyway. But if you do want to verify the token, you'll have to use a more involved method.
这篇关于在哪里可以找到 auth.token 数据,在 firebase 对象中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!