Currently developing an extension of the basic network using node sdk. Im trying to figure out a way to implement user auth (REST api preferred). Is there any documentation that has this approach?
(User object currently used by the node app is the default User1 created by registerUser.js in fabric-samples)
Related
I'm trying to use the Firebase authentication service by email and password for my App.
I've noticed there are two SDKs, Client and Admin, both of them have methods to create a new user.
I've also noticed that only the client SDK has method to validate the user email and to return the new user's token after creation.
The two SDKs made me confuse regarding the way I should use this service so I have few questions:
Should I create a "signup" route in my server and use the Admin SDK or I should use the client SDK?
If I use the client SDK for signing it should be in the server side or in the client side?
How I can verify the user email using Firebase "Email address verification" template?
If someone can give me some guidelines.
The Firebase Admin SDKs are meant to run in a trusted environment, such as your development machine, a server you control, or Cloud Functions. They run with elevated, administrative privileges, based on a service account that you specify when initializing them. As such, there is no way to sign a user in with an Admin SDK, even though they indeed (as you noted) have the ability to create user accounts.
The client-side Node.js SDK is meant to be used in non-trusted environments, like for example IoT setups. This SDK indeed allows you to sign in as a specific user, and this information is then passed when you call other Firebase APIs from within the Node app.
Which of the two you should use depends on the use-case, which you're unfortunately not describing. Without that, the above is the best guidance we can give: if your code runs in a trusted environment, use the Admin SDK; otherwise use the client-side SDK.
I have been using Firebase auth for handling my sign up / sign in process. But my team is changing to using Google Indentity Platform (to benefit from the OIDC / SAML), so I'm confused in this change :
The sign in / sign on process is handled in the front end (using React) for both Firebase and Identity Platform so we are using Fireabase sdk in the react app. But there are some function that needs to use the admin SDK in the backend that we were handling it with NodeJS admin sdk, for example (admin.auth().getUserByEmail etc..) .. but we didn't find the auth key configuration for the identity platform to use it to configure the admin SDK (if we can use the firebase admin sdk in identity platform).
I have a list (+100) of (emails , passwords) that I must create accounts in our Identity paltform, but the issue is the sign up is being handled in the front-end and our goal is to write a code in the backend (prefered in the backend) to extract that list form file and create accounts using a loop one by one (because we will use each identity paltform ID created in some other logic).
So my questions are :
The registration of a new account is done in the frontend (react) .. can I do it in the backend ? because I have a list that requires a loop to create an account one by one
You can use the Firebase Admin SDK to create user accounts programmatically. There is detailed documentation available for creating user accounts.
--First time poster, mods please let me know if the question is inappropriate/incorrect--
Situation:
I'm working on an app with friends. We have a dedicated frontend layer and a dedicated nodejs server running MongoDB. I am trying to integrate firebase into our server layer so we can login users and handle minting/verifying/refreshing tokens using Firebase Auth.
Problem:
I'm completely lost as to how to use Firebase Auth for this purpose. I've looked through the docs extensively, I first went down the "Getting Started with Firebase on an App", until I realized (I think) that guide was specifically for web applications without a dedicated backend.
Then I looked more into Firebase Auth Admin, which looked more like what I was looking for. I tried messing with custom token creation and other authentication related matters but I fail to be able to log in.
I reached out to friends for help, they recommended getting local login/googleauth working End-to-end using firebase before trying to secure our tokens moreso than they already are.
I'm very lost and not sure if I'm misunderstanding something fundamental or just not applying the right things. I apologize if this is unclear, I'm just trying to allow email/password login using firebase auth to securely authenticate with my MongoDB data (if that's even necessary)
Any guidance would be appreciated!
You're absolutely right with your approach and its possible to use Firebase Auth for just login/signup and rest of all on mongoDB.
There are 2 ways u can implement the Firebase Auth-
Using the sdk provided by Firebase
Using the Admin Auth API
Which ever way you selected, Later on save your UID on your custom Backend (Which is backed by MongoDB)
Just create your API's to verify user identity.
If you're using NodeJs you can follow this tutorial.
I need to call API's created using google cloud endpoint framework from my node.js applications. How I will be able to complete auth process and call the above APIs? Is it possible from node.js application to access the API's?
According to the official documentation, Cloud Endpoints Framework is a web framework for the App Engine standard (only) Python 2.7 and Java 8 runtime environments. It doesn’t support Node.js (nor PHP, Go) runtime environments.
=========================================================================
EDIT:
The answer to your initial question (“Is it possible from node.js application to access the API's”) is yes.
Your client application does not need to be in Python or Java, it can be on any language such as Node.js.
Regarding authentication, for the backend app (GAE), the flow would be the following:
You can authenticate the access to the Endpoints by creating a Service Account on Google Cloud Platform.
In the API Decorator, add the Service Account and public cert link.
In the API Decorator, add the SA as audience also.
Finally, on your Node.js application (client side), request Authentication by requesting the JWT token:
1.Create a JWT with the same audience set before on the API Decorator and sign it with the service account's private key.
2.Send the signed JWT in a request to the API.
Below you have some examples of the call request. I didn’t find examples in Node.js, they are in Python, but you can translate them to Node.js since the flow is basically the same:
1.JWT Authentication request GCP official documentation.
2.Accessing an API requiring Authentication (Python Client)
3.Github Google-Client-JWT Sample.
The Firebase SDK v3 for node JS does not support authenticating with custom generated tokens the same way the web SDK does, the method is simply not there.
How should NodeJS applications running on client machines that wish to have limited visibility over nodes in the realtime database authenticate with this new approach ?
This scenario is supported since release 3.3 of the Firebase JavaScript SDK.
Client Authentication APIs are now available in Node.js. When you call intializeApp(), pass a serviceAccount to use the Authentication for Servers APIs in your app, or pass an apiKey to use the client Authentication APIs
Versions 3.0-3.2.1 of the Firebase SDK for Node.JS require that you have access to a service account/private key for the Firebase project. For that reason they are only targeted for use in a server-side environment.