I'm trying to find a way of authenticating a user with email /password purely through Go. I'm using Go templates and would like to use HTML purely as a dumb terminal to fetch input from. I seem to need to go through the firebase-app.js apis, sign-in, then pass the returned UID to go. Am I missing something? I am looking for something similar to the js :
firebase.auth().signInWithEmailAndPassword(_emailText, _passText)
I've had no luck finding anything in the godocs.
I figured it would be straight forward since I'm hosting on GAE and fetching a firebase service account is trivial. But it seems I need to capture the userInfo through js and possibly pass it back to go possibly through a GET method.
thanks in advance!
Related
I have a mobile app that does two things. The first one is to use Firebase to implement a chat. On the other side, the apps, uses a REST API to retrieve some info from a database and do some writes on it. Simple as that. The app provides a login system: two text fields and a button. The user provides an email address and a password then I used the standard Firebase function to do the login using signInWithEmailAndPassword(). The thing is that I should use the same credentials to do the login using the REST API to access the other database. At first I decided to do the call to Firebase and to the REST API in the same function. One other possible solution could be a web service. I'll explain how. A web services written in Python, PHP or JavaScript generates a JWT token that is sent to the mobile app after the user asks to sign in. I'm pretty sure that this is possible like shown here: https://firebase.google.com/docs/auth/admin. The latter seems too over-complicated to me. Now, the question is. Can someone suggest a solution, the most simple one, that can be used is a scenario like this? Thanks all in advance.
I am making a web app using firebase. I was looking into restricting access to certain pages unless there's a subscription. When I looked through the docs all I found was that I could do transactions with stripe and it only applied on signing in and up not restricting pages.
After searching on the internet, I didn't find a viable solution, but three ideas came up to me I could use (which are either with low working possibility or very lackluster to say the least. (all include using stripe.))
One: I would use a middleware to verify the token I get from stripe and then redirect from there. (but all that comes to my mind how I would identify the redirected page in the middleware. And even if that was probable how much time would that take to make it work(if that even is possible), I have no idea.)
Two: in hosting configurations I could call a function when a rewrite is performed. I thought I could call a make a function that verifies the token from the strip when a restricted page is called. (But then again not only is the function accessible after hosting and can be viewed, I don't know if I can call firebase configurations and functions inside the firebase.json.)
third: this is the most viable but has very bad downsides, is authenticating the strip token from in a regular javascript, and if it fails it would restrict the access to the page. Do the same in the rules so that the database section related to that page. (the downside is that the HTML, CSS, and javascript would all be accessible. Only the database functions relating to them are restricted.
So with all that being said, I couldn't find any viable option I could use. So I was wondering if anyone in here have met the same problem and got a solution or do you have any advice I could use.
Note: I am using firebase's realtime database by the way.
If you are trying to restrict access to your webpages/app, you should come up with a logic in your backend or frontend (depending on your app structure) where you could store values needed in Firestore or another solution.
In case you would like to restrict access to Firestore, you can achieve that with Rules.
I've searched around and have come up blank. I can't figure out where OAuth2 claims are actually stored in Firebase. I refer here to the claims that I can set via SetCustomUserClaimsAsync and get (through the returned user) via GetUserAsync. I guess I was imagining being able to manage that data via some browser page, as well as via code, but perhaps by design this is not possible?
Thanks in advance for suggestions.
Custom claims currently don't have a UI in the Firebase console. Feel free to file a feature request for that. Right now, you will have to write code to find the contents using the APIs you already mentioned.
I'm trying to write a function that will check to see if an email is registered with my Firebase app (with Javascript/Web), before proceeding with the sign up process (if the email isn't registered).
I created a node named active_emails which I wanted to populate with registered emails (like an array). I was going to check the email against this list and if it didn't exist then I would allow the user to proceed with the registration process.
I see from the answer here: Proper way to store values array-like in Firebase that Firebase creates keys inside the array. So a normal Javascript array check won't work. I understand how the answer above works, but I was wondering, since I'm essentially doing a look up on the emails of registered Firebase users, is there another way to do this check?
Am I correct in thinking that the answer above requires Firebase to compile and then send an array of emails back to the user client-side? This seems like it might affect performance (if there are hundreds of thousands, or millions of emails on file), and would it expose all user emails to the client? Is there another way to check if a user is registered or not, maybe something like attempting a registration and then catching a duplicate email error (although this sounds like a messy way to go about this).
The top answer here: How to find out if an email is already registered with Firebase Simple Login? suggests using fetchProvidersForEmail as a way of checking to see if an email is registered, but that answer is for android and I don't know if it's possible to do such a thing with Javascript/Web.
I've tried to integrate this method here:
function checkEmail(){
firebase.database().ref().fetchProvidersForEmail("emailaddress#gmail.com").once("value", function(snapshot) {
console.log(snapshot);
});
}
But it shows the error: firebase.database(...).ref(...).fetchProvidersForEmail is not a function. Does anybody have any ideas on the best way to go about achieving this check?
Thank you in advance!
This method is for auth only:
firebase.auth().fetchProvidersForEmail("emailaddress#gmail.com")
This is deprecated.
firebase.auth().fetchProvidersForEmail("emailaddress#gmail.com")
Use this.
firebase.auth().fetchSignInMethodsForEmail(email)
I am trying to write an application that uses facebook user's events as a possible data source and unfortunately I can log in and get an access token which I can use to get my picture and UID but when I try to access my events I get an empty array.
Does anyone know how I can go about doing this?
I am using Facebook's new Graph API but I must be doing something wrong, I tried using "perm" to get extra user permissions to access their "user_events" but that did not work at all. I am stumped any help would be greatly appreciated.
best regards!!
-ritec
When you do the authentication bit, you'll also need to request access to the user_events extended permission.
This question has a little more info from someone in a similar position as you.
Further instructions for prompting for extended permissions can be found in the Extended Permissions documentation.