Custom JWT auth combining client SDK for realtime updates
70 views
Skip to first unread message
Yoav Shafir
Nov 20, 2019, 11:01:02 AM11/20/19
to Firebase Google Group
Hi,
As part of our React/NodeJS/Firebase app we have multiple node.js microservices.
They all use the Firebase Admin SDK that was initialized using a service account to get full access to all Firebase services.
The nodejs auth microservice is where we generate our custom JWT tokens for the ReactJS client and where we create new users in Firestore.
Any call to the backend is first being processed by the auth server, then one of the other microservices does the actual job like writing
to the Firestore database. (Not sure if this is the best approach), however, the problem is that
we also need to connect the ReactJS client to Firestore for realtime updates, the interaction between the client and Firestore
should be READ ONLY! no writes directly from the ReactJS client side.
Is there a way to somehow combine then web client SDK for authenticated users (by the auth microservice) to get realtime updates directly from Firestore? (again, readonly)
As part of our React/NodeJS/Firebase app we have multiple node.js microservices.
They all use the Firebase Admin SDK that was initialized using a service account to get full access to all Firebase services.
The nodejs auth microservice is where we generate our custom JWT tokens for the ReactJS client and where we create new users in Firestore.
Any call to the backend is first being processed by the auth server, then one of the other microservices does the actual job like writing
to the Firestore database. (Not sure if this is the best approach), however, the problem is that
we also need to connect the ReactJS client to Firestore for realtime updates, the interaction between the client and Firestore
should be READ ONLY! no writes directly from the ReactJS client side.
Is there a way to somehow combine then web client SDK for authenticated users (by the auth microservice) to get realtime updates directly from Firestore? (again, readonly)
Thanks
Preston Holmes
Nov 21, 2019, 10:30:02 PM11/21/19
to fireba...@googlegroups.com
I'm going to assume that your custom JWT tokens are signed by your own auth service, and have nothing to do with Firebase Custom Auth. Firestore client libraries will only work with Firebase auth, as will Firestore Rules.
However, what you can do is set up a custom token exchange service, that will take your app-specific JWT, and exchange it for a Firebase Custom token.
This is then sent back to the client where they would call signInWithCustomToken . The client can then used to communicate with Firestore directly - and you can use read-only Firestore rules.
-P
--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/6d8effa6-cfc5-4b2b-be35-f0240777c916%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages