How do I get user information from webpage to webserver?

41 views
Skip to first unread message

Peter Kleiweg

unread,
Jul 2, 2016, 11:50:21 AM7/2/16
to Firebase Google Group
So, I have this webpage with firebase, and I have a user who has logged in. Now, how do I get the information back to the server?

I can do a redirect with the values for UID, user email, etc., but how do I verify on the server these values really came from firebase, and were not made up by someone?

Bassam Ojeil

unread,
Jul 2, 2016, 9:48:21 PM7/2/16
to Firebase Google Group
Hey Peter,
You have to pass the Firebase id token to the backend server. Call firebase.auth().getToken() and the promise returned will resolved with the token. You can then pass that token to your server and use our backend libraries to validate that token:

Bassam

Kato Richardson

unread,
Jul 5, 2016, 1:48:30 PM7/5/16
to Firebase Google Group
Another alternative here is to just pass the information through the database, which often turns out to be much simpler (no RESTful services, no security needed, et al).

By adding security rules to a path in your database, you can use the database as your central endpoint, bypass the need to enforce security (if they can write to the path, they are authenticated), and turn your server processes into small, robust, scalable workers. For example, I could create a path like the following:

{
   "server_queue":  {
       "$task_id":  {
           ".write": "auth != null && newData.exists() && newData.hasChildred(['uid', 'data']);
           "uid":  { ".validate":  "newData.val() === auth.uid" },
           "data": { ... }
       }
   }
}

And now my server can simply listen for add events on that path, process the records, and respond in some way to the client (probably by just writing results back to the database).

This model survives server restarts and outages, and using a tool like firebase-queue, you gain flexibility, modularity, and scalability to your worker processes.

☼, Kato

--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-tal...@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
 To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/d1041c37-bf23-4e10-b9bc-528ab9fb8389%40googlegroups.com.

For more options, visit https://groups.google.com/d/optout.



--

Kato Richardson | Developer Programs Eng | kato...@google.com | 775-235-8398

Reply all
Reply to author
Forward
0 new messages