I want to programatically add new users in firebase auth service with phone no and email (both providers attached to each other). Is there anyway I can do it without verifying them and maybe through nodejs (reactjs will also work, but node is preferred as I building an api to do some custom task after user is created) ?
The above issue is resolved by: https://firebase.google.com/docs/auth/admin/manage-users#create_a_user
Related
I'm trying to use the Firebase authentication service by email and password for my App.
I've noticed there are two SDKs, Client and Admin, both of them have methods to create a new user.
I've also noticed that only the client SDK has method to validate the user email and to return the new user's token after creation.
The two SDKs made me confuse regarding the way I should use this service so I have few questions:
Should I create a "signup" route in my server and use the Admin SDK or I should use the client SDK?
If I use the client SDK for signing it should be in the server side or in the client side?
How I can verify the user email using Firebase "Email address verification" template?
If someone can give me some guidelines.
The Firebase Admin SDKs are meant to run in a trusted environment, such as your development machine, a server you control, or Cloud Functions. They run with elevated, administrative privileges, based on a service account that you specify when initializing them. As such, there is no way to sign a user in with an Admin SDK, even though they indeed (as you noted) have the ability to create user accounts.
The client-side Node.js SDK is meant to be used in non-trusted environments, like for example IoT setups. This SDK indeed allows you to sign in as a specific user, and this information is then passed when you call other Firebase APIs from within the Node app.
Which of the two you should use depends on the use-case, which you're unfortunately not describing. Without that, the above is the best guidance we can give: if your code runs in a trusted environment, use the Admin SDK; otherwise use the client-side SDK.
--First time poster, mods please let me know if the question is inappropriate/incorrect--
Situation:
I'm working on an app with friends. We have a dedicated frontend layer and a dedicated nodejs server running MongoDB. I am trying to integrate firebase into our server layer so we can login users and handle minting/verifying/refreshing tokens using Firebase Auth.
Problem:
I'm completely lost as to how to use Firebase Auth for this purpose. I've looked through the docs extensively, I first went down the "Getting Started with Firebase on an App", until I realized (I think) that guide was specifically for web applications without a dedicated backend.
Then I looked more into Firebase Auth Admin, which looked more like what I was looking for. I tried messing with custom token creation and other authentication related matters but I fail to be able to log in.
I reached out to friends for help, they recommended getting local login/googleauth working End-to-end using firebase before trying to secure our tokens moreso than they already are.
I'm very lost and not sure if I'm misunderstanding something fundamental or just not applying the right things. I apologize if this is unclear, I'm just trying to allow email/password login using firebase auth to securely authenticate with my MongoDB data (if that's even necessary)
Any guidance would be appreciated!
You're absolutely right with your approach and its possible to use Firebase Auth for just login/signup and rest of all on mongoDB.
There are 2 ways u can implement the Firebase Auth-
Using the sdk provided by Firebase
Using the Admin Auth API
Which ever way you selected, Later on save your UID on your custom Backend (Which is backed by MongoDB)
Just create your API's to verify user identity.
If you're using NodeJs you can follow this tutorial.
I'm developing an nodejs app, I already handle a register, login and profile api which work perfectly.
I am using passport-jwt to generate a valid JWT to access the user profile.
The first version of my app is monolithic.
I wanted to switch on docker microservices architecture for my app.
I succeeded on separate register, login and profile into 3 separate containers. My register and login microservices are working great.
The only problem is that the JWT that is generated by register or login services seems to be invalid (Unauthorized on profile api) but it wasn't the case when my app was monolithic.
I didn't change my code.
Did anyone experienced that issue ? Am I missing something ?
I believe this should be due to CORS because when you ran your app as a single monolith all the requests originated/served from the same domain name which is not the case when you split that into different services running in separate containers.
I had faced similar issues while trying to implement ldapauth-fork and solved it by setting explicitly the below http header -
res.setHeader('Access-Control-Allow-Origin', 'https://yourprofileservice');
Check on this and if you still face issues please do share the errors you receive on your end.
I'm faced with the current dilemma. My application flow is as follows:
Admin logs in
Has to select a list of clients
The selected Client data is then loaded in
Admin should now be able to Link Facebook, for example, to that
client's account with their credentials on a click of a button. Same
would apply for other social media accounts that the user has. The
reason that's important is the app then goes and fetches data from
their social media, such as Facebook Insights.
Is there a way I could achieve is ? I was thinking maybe Auth0 but I had a look on their documentation and it seems I could do it but only if Admin was the one linking his own social media account to his account. Can't really see a way where he could link other accounts to the Client's account currently selected.
I'm working with a React-Redux, Express and MongoDB app.
Even a push in the direct direction would be greatly appreciated.
This is certainly achievable using Auth0 - take a look at the Link Accounts API (User) - you want to use the second option using an API v2 token
See sample here that illustrates how this might work using Node.js.
You could possibly rework this to your technology stack pretty easily. Since you are using a Management Token you'd want that to remain server side (Express) and the react/redux app could make ajax calls via the Express Server side component - which in turn calls out to the Auth0 endpoint to perform the user search / linking actions.
I am having a puzzling issue with third party (Twitter) sign-in to my Firebase instance. I get the following exception when trying to authenticate via signInWithPopup JavaScript method:
The given sign-in provider is disabled for this Firebase project. Enable it in the Firebase console, under the sign-in method tab of the Auth section.
I have confirmed that Twitter sign-in is indeed enabled in the Firebase console:
I have read various blog posts stating that Firebase users have experienced issues with third party auth when using v2.x.x of the Firebase SDK when having their projects created in the new console (subdomain of Google). However, I don't think these conditions are applicable to my situation because:
My Node project is using Firebase v3.3.0 npm package and I haven't found anyone else complaining about third party auth while using this version.
I created my Firebase project using the new console.
Other things that may be useful to know:
I can read/write data from/to Firebase without any problems
I have not tried any other authentication methods
Great thanks to whoever can shed some light on this issue :)
I ended up fixing this issue by creating a new Firebase instance in the old console and then porting it over to the new console. My only assumption is that the authentication problems noticed with v2.x.x versions haven't been fixed with v3.x.x :(