使用邮件和密码通过REST API进行身份验证[Firebase] [英] Using mail and password to authenticate via the REST API [Firebase]

问题描述

我想知道是否可能使用自定义身份验证实际对Firebase REST API进行身份验证 >

我已经使用了Firebase，现在我正在考虑将我的后端迁移到Firebase。
使用后端的应用程序当前使用REST API，根本不需要实时数据。
因此，我只想使用REST API，而不是客户端上的完整Android框架。

是否可以获得auth使用邮件&通过HTTP请求密码认证Firebase

在旧文档我只找到了自定义登录解决方案，并在新文档，您似乎需要一个Google服务帐户

。

解决方案

更新：现在记录了Firebase REST身份验证！

查看文档

我想了解如何通过检查发送给我们的请求来执行Firebase的电子邮件和密码身份验证JavaScript API。

这些API没有记录和不被支持

---

Firebase 3

Firebase 3身份验证是Google Identity Toolkit的更新和重命名版本。旧的文档不完全准确，但可能有用，可以在这里找到： https ：//developers.google.com/identity/toolkit/web/reference/

Firebase 3要求所有请求都有 Content-Type：application / json 在标题中
$ b

API键

Firebase 3需要将API密钥附加到所有身份验证请求。您可以通过访问Firebase项目概览并点击将Firebase添加到您的网络应用来找到您的数据库的API密钥。您应该看到一个窗口，其代码如下所示：

 < script src =https://www.gstatic.com /firebasejs/live/3.0/firebase.js\"> < /脚本> 
< script> 
 //初始化Firebase 
 var config = {
 apiKey：< my-firebase-api-key>，
 authDomain：my-firebase.firebaseapp.com ，
 databaseURL：https://my-firebase.firebaseio.com，
 storageBucket：my-firebase.appspot.com，
}; 
 firebase.initializeApp（config）; 
< / script> 
  

复制apiKey值并保存以备后用。

注册

方法： POST

网址： https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=<my-firebase-api-key>

$ b $ p

有效负载：

  {
 email：< email> ，
密码：<密码>，
 returnSecureToken：true 
} 
  

回应：

  {
kind：identitytoolkit＃SignupNewUserResponse，
 localId：< firebase-user-id>，//用这个唯一标识用户
email：< email>，
displayName：，
idToken：< provider-id-token>，//将此用作数据库请求中的认证令牌
registered：true，
refreshToken：<刷新令牌>，
expiresIn：3600
} 
  

登录在

方法： POST

code> https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=<my-firebase-api-key>

有效负载：

  {
 email：< email>，
密码：<密码>，
 returnSecureToken：true 
} 
  

响应：
$ b

  {
kind：identitytoolkit＃VerifyPasswordResponse，
localId： < firebase-user-id>，//使用它来唯一标识用户
email：< email>，
displayName：，
 idToken：< provider-id-token>，//在数据库请求中使用它作为auth标记
registered：true，
refreshToken：< refresh-token> ，
expiresIn：3600
} 
  

获取帐户信息

方法： POST

URL： https://www.google apis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=<my-firebase-api-key>

有效负载：

  {
 idToken：< provider-id-token> 
 
 $ / code $ / pre 
 
 $ p 
 
 $ pre 
kind：identitytoolkit＃GetAccountInfoResponse，
users：[
 {
localId：< firebase-user-id>，
email：< email>，
emailVerified：false，
providerUserInfo：[
 {
providerId：< password>，
federatedId：< email>，
email：< email>，
rawId： <电子邮件> 中
]，
passwordHash：< hash>，
passwordUpdatedAt：1.465327109E12，
validSince：1465327108，
 createdAt：1465327108000
}] 
} 
  

---

Firebase 2

这些请求会返回Firebase文档中描述的JSON数据。 https://www.firebase.com/ docs / web / guide / login / password.html＃section-logging-in
$ b

登入

<您可以使用以下格式发送GET请求进行身份验证：

  https://auth.firebase.com/v2 /< DB_NAME> / AUTH /密码&安培;电子邮件= LT;电子邮件>&安培;密码= LT;密码> 
  

注册

用户创建也可以通过发送与 _method = POST 相同的GET请求作为查询字符串的一部分执行

  https://auth.firebase.com/v2/<db_name> /users?&email=<email>&password=<password>&_method=POST 
  

I was wondering whether it is possible to actually authenticate to the Firebase REST API withouth using the custom authentification?

I've worked with Firebase now for some time and I'm currently thinking about migrating a backend of mine to Firebase. The app that uses the backend currently uses a REST API and does not need realtime data at all. Thus I'd like to use only the REST API and not the full Android framework on the clients.

Is it possible to get an auth token using the mail & password authentification of Firebase via HTTP-requests?

In the old docs I've only found a solution with custom login and in the new docs you seem to need a Google Service Account.

Any help or advice appreciated.

解决方案

Update: Firebase REST authentication is now documented!

View the documentation

---

Firebase REST authentication

I figured out how to perform email and password authentication for Firebase by examining the requests sent by the Javascript API.

These APIs are undocumented and unsupported

---

Firebase 3

Firebase 3 authentication is an updated and renamed version of the Google Identity Toolkit. The old documentation is not fully accurate, but may be useful and can be found here: https://developers.google.com/identity/toolkit/web/reference/

Firebase 3 requires all requests to have Content-Type: application/json in the header

API Key

Firebase 3 requires an API key to be attached to all authentication requests. You can find the API key for your database by visiting the Firebase project overview and clicking on "Add Firebase to your web app". You should see a window with code like the following:

<script src="https://www.gstatic.com/firebasejs/live/3.0/firebase.js">    </script>
<script>
  // Initialize Firebase
  var config = {
    apiKey: "<my-firebase-api-key>",
    authDomain: "my-firebase.firebaseapp.com",
    databaseURL: "https://my-firebase.firebaseio.com",
    storageBucket: "my-firebase.appspot.com",
  };
  firebase.initializeApp(config);
</script>

Copy the apiKey value and save it for later.

Registration

Method: POST

URL: https://www.googleapis.com/identitytoolkit/v3/relyingparty/signupNewUser?key=<my-firebase-api-key>

Payload:

{
    email: "<email>",
    password: "<password>",
    returnSecureToken: true
}

Response:

{
    "kind": "identitytoolkit#SignupNewUserResponse",
    "localId": "<firebase-user-id>", // Use this to uniquely identify users
    "email": "<email>",
    "displayName": "",
    "idToken": "<provider-id-token>", // Use this as the auth token in database requests
    "registered": true,
    "refreshToken": "<refresh-token>",
    "expiresIn": "3600"
}

Login

Method: POST

URL: https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=<my-firebase-api-key>

Payload:

{
    email: "<email>",
    password: "<password>",
    returnSecureToken: true
}

Response:

{
    "kind": "identitytoolkit#VerifyPasswordResponse",
    "localId": "<firebase-user-id>", // Use this to uniquely identify users
    "email": "<email>",
    "displayName": "",
    "idToken": "<provider-id-token>", // Use this as the auth token in database requests
    "registered": true,
    "refreshToken": "<refresh-token>",
    "expiresIn": "3600"
}

Get Account Info

Method: POST

URL: https://www.googleapis.com/identitytoolkit/v3/relyingparty/getAccountInfo?key=<my-firebase-api-key>

Payload:

{
    idToken: "<provider-id-token>"
}

Response:

{
    "kind": "identitytoolkit#GetAccountInfoResponse",
    "users": [
    {
        "localId": "<firebase-user-id>",
        "email": "<email>",
        "emailVerified": false,
        "providerUserInfo": [
        {
            "providerId": "<password>",
            "federatedId": "<email>",
            "email": "<email>",
            "rawId": "<email>"
        }],
        "passwordHash": "<hash>",
        "passwordUpdatedAt": 1.465327109E12,
        "validSince": "1465327108",
        "createdAt": "1465327108000"
    }]
}

---

Firebase 2

These requests return JSON data described in the Firebase docs. https://www.firebase.com/docs/web/guide/login/password.html#section-logging-in

Login

You can authenticate by sending a GET request with the following format:

https://auth.firebase.com/v2/<db_name>/auth/password?&email=<email>&password=<password>

Registration

User creation can also be performed by sending the same GET request with _method=POST as part of the query string

https://auth.firebase.com/v2/<db_name>/users?&email=<email>&password=<password>&_method=POST

这篇关于使用邮件和密码通过REST API进行身份验证[Firebase]的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！