Home > front end >  How to pass a tokenID from client to server and read it inside a middleware to verify authentication
How to pass a tokenID from client to server and read it inside a middleware to verify authentication

Time:11-08

My goal is to restrict the api calls by using Firebase SDKs.

I was thinking on using the verify tokenID example from firebase docs inside a middleware on the backend to do that verification.

It would be like this:

function CheckLoggedIn(){
// idToken comes from the client app
 getAuth()
  .verifyIdToken(idToken)
  .then((decodedToken) => {
    //authenticated
    next()

  })
  .catch((error) => {
    // Handle error
    return res.status(401).json({
     error: "Access denied"})
  });


app.get('/',CheckLoggedIn,(req,res) =>{
 res.send('logged in')
}

My question is: How do I pass that tokenID from client-side to be read inside the middleware function?

Is there a better way of doing it with Firebase Authentication?

CodePudding user response:

Firebase SDKs that need to pass the signed-in user, typically pass it in the Authorization header of each request as a so-called bearer token. That's probably a good option for your own apps too.

Page link:https//www.codepudding.com/frontend/602266.html

Prev:CORS header 'Access-Control-Allow-Origin'
Next:Determine batch size during `tensorflow.keras` Custom Class `call` method
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding