Use the web sdk on a node.js server?

426 views
Skip to first unread message

mi...@sardius.media

unread,
Jul 12, 2016, 9:02:12 PM7/12/16
to Firebase Google Group
I'm trying to migrate my legacy project to the current firebase api. The lagecy api was the same for web or node.js just but it changed to separate "server" and "web".I use firebase to talk between child servers and a parent server (admin access) running node.js.
I have rules setup using auth variables set using the custom token generator. The child request a FB token from the parent. the parent send back a token with some custom auth variables set. The variables are used in the rules to restrict access to a certain node in firebase.

Simple example:
".read"  : "root.child('SOME_ID').child('token').val() == auth.childToken",
".write" : "root.child('SOME_ID').child('token').val() == auth.childToken"
 


If the parent wants to act as a child (so the rules are respected) I used to use something like  
var Firebase = require("firebase")
var ref = new Firebase(...
ref.authWithCustomToken(FBtoken,func...

The new way of doing this is like below but is for only the web api so I can't do signInWithCustomToken server side (easily) 
var Firebase = require("firebase")
Firebase.initializeApp(...

var child = Firebase.auth().signInWithCustomToken(
FBtoken
,
func...

Here is my issue, On the parent (with root access) I'm trying something like this
 
//this token was created on the parent, sent to the child, and the child sends it back to add some data into firebase by the parent sever with admin access
var FbToken = tokenGenerator.createToken({uid: "user-1", userToken:"unique-token" });
//the parent gets data from firebase that the client doesnt have access to
var newData = getData();
//create a new firebase
var ref = new Firebase(FbRoot).child("/child_id");
//log in as the client
ref.authWithCustomToken(FbToken, function(error, authData) {
if(error){
console.log(error)
}
else{
//set some data as the client
ref.set({data:newData},function(error){
if(error) 
console.log(error)
console.log("success!!!")
})
}
});

after running my database would look like this
{
   "clinetID":{
        "childToken:"unique-token"
        "data":"some data object(s)"
    }
}


Kato Richardson

unread,
Jul 13, 2016, 4:03:13 PM7/13/16
to Firebase Google Group

Creating and verifying tokens is quite a bit different in the new SDK. You don't sign in using the custom tokens on the server. Those are for clients.

Instead, you just specify the uid you want to impersonate and use a service account.

For an overview of the processes, see here. For authenticating clients with custom tokens, see here.

For authenticating servers, see here and here.


--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/984c4e57-fb65-4dcd-b69f-397b51c9338d%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Jacob Wenger

unread,
Aug 29, 2016, 12:30:30 PM8/29/16
to Firebase Google Group
Hey there,

I just wanted to follow up here and let you know that signInWithCustomToken() has been available in the Node.js SDK for a couple weeks now, ever since version 3.3.0 of the JavaScript SDK. The SDK should now be mostly isomorphic, but see my message on another thread here for the full details. Full release notes for that release are here.

Cheers,
Jacob
Reply all
Reply to author
Forward
0 new messages