如何验证服务器上的FCM注册令牌？ [英] How to verify FCM registration token on server?

问题描述

我的Firebase Cloud Messaging注册令牌用于网页推送。
然后我把这个发送到我的服务器保存在数据库中以备以后使用。
但是，如何验证这个令牌是有效的还是假的？

我试过这个，但我认为这是用于Auth令牌而不是用于web推送的。

其他人可以向我的服务器发送一个随机假令牌的请求。编辑：它已经解决了，我写了一个简单的类来快速使用FCM进行web推送。
https://github.com/emretekince/fcm-web-push

解决方案发送给无效的注册标记时，您应该会收到 200+ error：InvalidRegistration ：

检查您传递给服务器的注册令牌的格式。确保它与客户端应用程序从注册Firebase通知时收到的注册令牌相匹配。不要截断或添加额外的字符。

这是您尝试发送简单的cURL请求的响应，其中注册令牌只是随机取得：

$ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ $ - $ Content-Type：application / json\
https://fcm.googleapis.com/fcm/send \
-d{\registration_ids \：[\ ABC \]}

注意，我在ABC ，在 registration_ids 参数中。如果它是有效的注册令牌，但没有与您的项目相关联，则可能会收到 200 + error：NotRegistered 。



您可以尝试从服务器发送测试消息来查看响应通过使用 dry_run 参数：



此参数设置为true时，开发人员可以在不实际发送消息的情况下测试请求。




I got my Firebase Cloud Messaging registration token for web push. And I sent this to my server to save in database for later push. But how can I verify this token is valid or fake?

I have tried this but I think this is for Auth tokens not for web push.

Someone else can send request of a random fake token to my server. I want to prevent this before save in db.

Edit: It's solved and I wrote a simple class to use FCM for web push quickly. https://github.com/emretekince/fcm-web-push

解决方案

When sending to an invalid registration token, you'll should receive 200 + error:InvalidRegistration:

Check the format of the registration token you pass to the server. Make sure it matches the registration token the client app receives from registering with Firebase Notifications. Do not truncate or add additional characters.

This is the response when you try to send a simple cURL request where the registration token is just randomly made:

curl --header "Authorization: key=$[your_server_key_here]" \
       --header Content-Type:"application/json" \
       https://fcm.googleapis.com/fcm/send \
       -d "{\"registration_ids\":[\"ABC\"]}"

Notice that I added in "ABC", in the registration_ids parameter. If ever it is a valid registration token, but is not associated to your project, you'll probably receive 200 + error:NotRegistered.

You can try sending a test message from your server to see the response without sending an actual message towards the device by using the dry_run parameter:

This parameter, when set to true, allows developers to test a request without actually sending a message.

这篇关于如何验证服务器上的FCM注册令牌？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！