我怎么能与火力地堡多个社会服务登录? [英] How can I login with multiple social services with Firebase?
问题描述
我希望用户能够验证到使用多个不同的身份验证提供者,如Facebook,Twitter或Github上我的火力地堡的应用程序。一旦通过验证,我希望用户能够访问相同的帐户,无论他们使用哪种方法AUTH
I want users to be able to authenticate to my Firebase application using multiple different auth providers, such as Facebook, Twitter, or Github. Once authenticated, I want users to have access to the same account no matter which auth method they used.
在换句话说,我想多AUTH方法合并到我的应用程序内的单个帐户。我怎样才能做到这一点的火力地堡的应用程序?
In other words, I want to merge multiple auth methods into a single account within my app. How can I do this in a Firebase app?
推荐答案
更新(20160521):火力地堡刚刚发布了重大更新它的火力地堡认证产品,现在允许单个用户从不同的供应商支持的链接帐户。要了解更多有关此功能,请阅读的iOS ,<文档A HREF =https://firebase.google.com/docs/auth/web/account-linking相对=nofollow>网络和的 Android的。下面的答案是留给历史的原因。的
Update (20160521): Firebase just released a major update to its Firebase Authentication product, which now allows a single user to link accounts from the various supported providers. To find out more about this feature, read the documentation for iOS, Web and Android. The answer below is left for historical reasons.
核心火力地堡服务提供了身份验证的方法:
https://www.firebase.com/docs/security/authentication.html
The core Firebase service provides several methods for authentication: https://www.firebase.com/docs/security/authentication.html
在它的核心,火力地堡使用安全令牌JWT进行身份验证。任何导致生产JWT令牌(如使用自己的服务器上的JWT库)会工作,你的用户进行身份验证,以火力地堡,所以你必须在身份验证过程的完全控制。
At its core, Firebase uses secure JWT tokens for authentication. Anything that results in the production of a JWT token (such as using a JWT library on your own server) will work to authenticate your users to Firebase, so you have complete control over the authentication process.
火力地堡提供了一个名为火力地堡简单登录服务,是产生这些令牌的一种方式(这提供我们的Facebook,Twitter等验证)。它适用于普通权威性的场景,这样就可以站起来,没有服务器快速运行,但它不是认证的唯一途径,并且不打算成为一个COM prehensive解决方案。
Firebase provides a service called Firebase Simple Login that is one way to generate these tokens (this provides our Facebook, Twitter, etc auth). It's intended for common auth scenarios so that you can get up and running quickly with no server, but it is not the only way to authenticate, and isn't intended to be a comprehensive solution.
这里有一个方法允许使用火力地堡简单登录多个供应商登录:
Here's one approach for allowing login with multiple providers using Firebase Simple Login:
- 存储一个典型的用户识别符,并为一个映射
每个特定供应商的标识符到一个规范的标识。 - 更新您的安全规则以匹配任何一个凭据
给予,而不只是一个用户帐户。
为每个用户
在实践中,安全规则可能是这样的,假设你要同时启用Twitter和Facebook的身份验证(或允许用户与一个创建一个帐户,然后在以后添加其它):
In practice, the security rules might look like this, assuming you want to enable both Twitter and Facebook authentication (or allow a user to create an account with one and then later add the other):
{
"users": {
"$userid": {
// Require the user to be logged in, and make sure their current credentials
// match at least one of the credentials listed below, unless we're creating
// a new account from scratch.
".write": "auth != null &&
(data.val() === null ||
(auth.provider === 'facebook' && auth.id === data.child('facebook/id').val() ||
(auth.provider === 'twitter' && auth.id === data.child('twitter/id').val()))"
}
},
"user-mappings": {
// Only allow users to read the user id mapping for their own account.
"facebook": {
"$fbuid": {
".read": "auth != null && auth.provider === 'facebook' && auth.id === $fbuid",
".write": "auth != null &&
(data.val() == null ||
root.child('users').child(data.val()).child('facebook-id').val() == auth.id)"
}
},
"twitter": {
"$twuid": {
".read": "auth != null && auth.provider === 'twitter' && auth.id === $twuid",
".write": "auth != null &&
(data.val() == null ||
root.child('users').child(data.val()).child('twitter-id').val() == auth.id)"
}
}
}
}
在本例中,存储一个全球性的用户ID(可以是您选择的任何东西),并保持的Facebook,Twitter等认证机制的主要用户记录之间的映射。登录后为每个用户,您将获取从用户映射的主要用户记录,并使用该ID的用户数据和行为的主要商店。以上还限制和验证的用户映射数据,以便它只能通过谁已经拥有了Facebook的相同,微博等用户标识/用户/ $用户名/(Facebook的ID正确的用户写入|叽叽喳喳-id |等-ID)
In this example, you store one global user id (which can be anything of your choosing) and maintain mapping between Facebook, Twitter, etc. authentication mechanisms to the primary user record. Upon login for each user, you'll fetch the primary user record from the user-mappings, and use that id as the primary store of user data and actions. The above also restricts and validates the data in user-mappings so that it can only be written to by the proper user who already has the same Facebook, Twitter, etc. user id under /users/$userid/(facebook-id|twitter-id|etc-id).
这个方法将让你快速启动和运行。然而,如果您有一个复杂的用例,并希望通过身份验证的经验完全控制,你可以在自己的服务器运行自己的权威性code。有许多有用的开放源码库,你可以用它来做到这一点,如 everyauth 并的护照。
This method will let you get up and running quickly. However, if you have a complicated use case and want complete control over the auth experience, you can run your own auth code on your own servers. There are many helpful open source libraries you can use to do this, such as everyauth and passport.
您也可以验证使用第三方身份验证提供者。例如,您可以使用单独,其中有没有一个巨大的各种整合出的最箱你无需编写任何服务器端code。
You can also authenticate using 3rd party auth providers. For example, you can use Singly, which has a huge variety of integrations out-of-the-box without you needing to write any server-side code.
这篇关于我怎么能与火力地堡多个社会服务登录?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
