My program should allow offline login.
To do these, I trying to save password hash which created by Firebase Auth.
Then offline acquire email and password from login screen, authenticate by password hash which saved at local.
I can find export firebase auth to csv document.
To implement my use case how I do that?
If you're trying to get a list of all users and their password hash from Firebase, you can do so through the Firebase Authentication Admin SDK's listUsers method. For security reasons this SDK only runs on a trusted environment, such as your development machine, as server you control, or Cloud Functions
Related
I have an existing Firebase project where I'm managing auth myself in a backend API. I'm hashing the password and comparing it to a stored hashed password and returning a custom claims token.
I'm trying to transition the project to using the native auth (sign in with email + password). My problem is the existing users. I have hashed passwords for all of them stored in Firebase, but the Firebase auth itself doesn't know about the passwords. I don't want to force my users to all set their passwords again, but I don't see another way to accomplish this. Is there another way?
I guess you know the key used to hash the passwords, since you stored them in Firestore. You could then use the auth:import command of the CLI.
is it possible to make this scenario with Firebase Auth en Firebase Cloud functions?
User opens my app and chooses for create account
Submits their email adres in the app
User is added in Firebase Auth (cloud function?)
LoginCode or password is created (cloud function?)
LoginCode or password is mailed to the users mail adres (cloud function?)
User submits the LoginCode word password in the app and is authenticated by Firebase Auth.
Is this possible?
The idea is that user must use a valid mail address, otherwise they cannot use the app.
Or are there easier ways to do this?
Your question is quite broad... but yes all of that is possible. With the Admin SDK (which is used in a Cloud Function), you can, in a unique Cloud Function:
Create a user account with the desired password (including a password that you randomly generate in the Cloud Function if it is what you want): use createUser().
Mail the password when the user creation is completed: See this sample or use the dedicated Extension (by creating a Firestore doc from the Cloud Function)
This Cloud Function can be triggered from the Flutter app (including passing the email to the Cloud Function): see Callable Cloud Functions, here and here.
Note that if your goal is to validate the email addresses, there are other approaches that could be considered, like authenticating through an Email Link or generating an email verification link.
Conclusion: It's up to you to choose the best approach for your case.
I'm working on an application where I'll need to help users with certain tasks as part of my customer service. Rather than build a separate admin interface, I'd prefer to have the ability to impersonate users to use the app for them.
Is this something that Firebase can do?
Yes!
Using admin SDK and service account initialize Firebase app backend with:
admin.initializeApp({
credential: admin.credential.cert(service_account_json),
})
Obtain authentication token for the user you wish to impersonate:
const userId = "[impersonating user uid string]"
const token = await admin.auth().createCustomToken(userId)
Using frontend Firebase SDK authenticate user with:
const token = "[token string obtained in step 2]"
firebase.auth().signInWithCustomToken(token)
Done! You're now impersonating selected user.
For obvious security reasons the backend endpoint, like Google Cloud Function should require authentication and verify if user requesting custom token is actually a privileged user (admin), to avoid situation where any authenticated user is able to impersonate anyone.
The Firebase Authentication client-side SDKs have no built-in impersonation mechanism. To sign in as a specific user on these SDKs, you must know that user's credentials.
The Firebase Admin SDKs supports impersonating a user in its interaction with the Realtime Database. Since the Admin SDK is meant to be run in a trusted environment (such as your development machine, a server you control, or Cloud Functions) they run with administrative privileges. To learn more about impersonating a regular user here, see the documentation on authenticating with limited privileges.
I am managing SQL server database along with Firebase. I have created user's account in Firebase from back-end by below method and stores other properties
in Firebase by providing User UID as unique key.
firebase.auth().createUserWithEmailAndPassword(Email, Password).then(function (user) {
firebase.database().ref("Users/" + user.uid + "/").set({
favouriteId: FavouriteId,
hotelId: HotelRef,
isActive: IsActive,
isLoggedIn: IsLoggedIn,
name: Name,
vendorId: VendorId
}) });
User can use above credentials to login into mobile app.To change password of user I am using reset password by email from Firebase. Here Password is changing from mobile side and I am unable to update that password in SQL server.I want to update new password in SQL server database.
I have searched for above but I didn't find any solution or other way to get password from Firebase.
Currently I am calling API from mobile side to update password in SQL server.
Is there any way to retrieve updated password from Firebase database?
Why are you storing the password (never a good idea to store plain text password) when Firebase Auth already does this for you securely using best practices including salting and hashing the password. If you plan to use Firebase Auth, you may as well let them manage password authentication for you. If you need to migrate to another auth system at some point in time, Firebase Auth provides multiple tools to get the hashed passwords via CLI SDK and Firebase Admin SDK.
I have an Ionic application using Firebase so I opted to use Angularfire. Currently running Angularfire4. In my application I store the uid and I want to get email related with that uid. I use the email/password login provided by firebase. How can I translate the uid to an email?
The only method found is when using nodejs.
The only data that is exposed in the client-side Authentication SDKs is the profile of the currently authenticated user.
There is no way to look up user data for a UID with the Firebase Authentication client-side SDKs. While admittedly convenient, it would make leaking user-data way too easy.
The only way to look up user data by UID is using the Admin SDK that you found. The idea is that you run those in a trusted environment (e.g. a server you control, or Cloud Functions) and selectively expose the user data that your app needs.