Migrating from custom nodejs (passport just) auth to firebase auth

[jayaprabhakar k]

Hi,
I'm the developer of https://www.codiva.io online Java IDE. I have existing website using nodejs. I want to start using firebase.

The first place of integration is firebase auth. Currently it is implemented using passport.js with local strategy. (Storing salted bcrypt hash in mongodb).

I want to migrate to using firebase. Is there a way to migrate existing users to firebase auth with minimal disruption to existing users?

All the guides I see are for new websites and new integration. Is there any best practices guide for migrating existing sites?

Thanks,
JP

[Samuel Stern]

Hi JP,

If you want to migrate existing usernames and passwords to Firebase Auth, you can use our import functionality:
https://firebase.google.com/docs/cli/auth

However it's pretty hard to do this in an "on the fly" situation.  You will probably have to support both backends for existing users for a bit and hard-migrate your sign up flow to use Firebase Auth in order to do a clean switch.

- Sam

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/b97d3bca-fd78-42d8-b9eb-e454653c8e5b%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Kiana McNellis]

You can also setup Firebase to use Custom authentication (with your old server).

Once a user logs into Firebase, you can then prompt them to link their account to a new signup-method (like email-password, phone, or google sign-in).  

-Kiana

To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/CAHafJBoe33FC4fFqN0nP_rY7F_tNdMA4WD0LGCxfmmaH8qR1Cg%40mail.gmail.com.

[j k]

Thanks. If I understand correctly, the approximate steps needed are,

1. Everytime a new user registers on the current system, create a parallel account in firebase using the admin API.
https://firebase.google.com/docs/auth/admin/manage-users#create_a_user

2. Mark the status of this account in existing mongodb database.

3. Import existing users, using the import API passing in the bcrypt hash.
https://firebase.google.com/docs/auth/admin/import-users#import_users_with_bcrypt_hashed_passwords

4. Everytime a user tries to sign in using username and password, set the session cookie.
https://firebase.google.com/docs/auth/admin/manage-cookies

5. To avoid breaking current logged in sessions, if the season cookie verification fails, check if the user is already logged in using current passport/express session cookie.

6. After a few weeks, once all the express session cookies expire, delete checking express session cookie.

Do you think this is the correct sequence of steps? Is there a simpler solution or did I miss something?

Thanks.

[j k]

Thanks Kiana.

I'll look at custom authentication. I want to do as little interruption to the user as possible