diff --git a/auth/import_users.js b/auth/import_users.js index f2fd014c..ad58c842 100644 --- a/auth/import_users.js +++ b/auth/import_users.js @@ -59,13 +59,15 @@ admin.auth().importUsers([{ // Must be provided in a byte buffer. key: Buffer.from('secret') } -}).then(function(results) { - results.errors.forEach(function(indexedError) { - console.log('Error importing user ' + indexedError.index); +}) + .then(function(results) { + results.errors.forEach(function(indexedError) { + console.log('Error importing user ' + indexedError.index); + }); + }) + .catch(function(error) { + console.log('Error importing users:', error); }); -}).catch(function(error) { - console.log('Error importing users:', error); -}); // [END import_with_hmac] // [START import_with_pbkdf] @@ -81,13 +83,15 @@ admin.auth().importUsers([{ algorithm: 'PBKDF2_SHA256', rounds: 100000 } -}).then(function(results) { - results.errors.forEach(function(indexedError) { - console.log('Error importing user ' + indexedError.index); +}) + .then(function(results) { + results.errors.forEach(function(indexedError) { + console.log('Error importing user ' + indexedError.index); + }); + }) + .catch(function(error) { + console.log('Error importing users:', error); }); -}).catch(function(error) { - console.log('Error importing users:', error); -}); // [END import_with_pbkdf] // [START import_with_standard_scrypt] @@ -106,13 +110,15 @@ admin.auth().importUsers([{ blockSize: 8, derivedKeyLength: 64 } -}).then(function(results) { - results.errors.forEach(function(indexedError) { - console.log('Error importing user ' + indexedError.index); +}) + .then(function(results) { + results.errors.forEach(function(indexedError) { + console.log('Error importing user ' + indexedError.index); + }); + }) + .catch(function(error) { + console.log('Error importing users:', error); }); -}).catch(function(error) { - console.log('Error importing users:', error); -}); // [END import_with_standard_scrypt] // [START import_with_bcrypt] 
@@ -125,13 +131,15 @@ admin.auth().importUsers([{ hash: { algorithm: 'BCRYPT' } -}).then(function(results) { - results.errors.forEach(function(indexedError) { - console.log('Error importing user ' + indexedError.index); +}) + .then(function(results) { + results.errors.forEach(function(indexedError) { + console.log('Error importing user ' + indexedError.index); + }); + }) + .catch(function(error) { + console.log('Error importing users:', error); }); -}).catch(function(error) { - console.log('Error importing users:', error); -}); // [END import_with_bcrypt] @@ -153,13 +161,15 @@ admin.auth().importUsers([{ rounds: 8, memoryCost: 14 } -}).then(function(results) { - results.errors.forEach(function(indexedError) { - console.log('Error importing user ' + indexedError.index); +}) + .then(function(results) { + results.errors.forEach(function(indexedError) { + console.log('Error importing user ' + indexedError.index); + }); + }) + .catch(function(error) { + console.log('Error importing users:', error); }); -}).catch(function(error) { - console.log('Error importing users:', error); -}); // [END import_with_scrypt] // [START import_without_password] @@ -180,13 +190,15 @@ admin.auth().importUsers([{ photoURL: 'http://www.example.com/12345678/photo.png', providerId: 'google.com' }] -}]).then(function(results) { - results.errors.forEach(function(indexedError) { - console.log('Error importing user ' + indexedError.index); +}]) + .then(function(results) { + results.errors.forEach(function(indexedError) { + console.log('Error importing user ' + indexedError.index); + }); + }) + .catch(function(error) { + console.log('Error importing users:', error); }); -}).catch(function(error) { - console.log('Error importing users:', error); -}); // [END import_without_password] diff --git a/auth/manage_cookies.js b/auth/manage_cookies.js index 275d165e..5807d68c 100644 --- a/auth/manage_cookies.js +++ b/auth/manage_cookies.js 
@@ -20,14 +20,15 @@ app.post('/sessionLogin', (req, res) => { // The session cookie will have the same claims as the ID token. // To only allow session cookie setting on recent sign-in, auth_time in ID token // can be checked to ensure user was recently signed in before creating a session cookie. - admin.auth().createSessionCookie(idToken, {expiresIn}).then((sessionCookie) => { - // Set cookie policy for session cookie. - const options = {maxAge: expiresIn, httpOnly: true, secure: true}; - res.cookie('session', sessionCookie, options); - res.end(JSON.stringify({status: 'success'})); - }, error => { - res.status(401).send('UNAUTHORIZED REQUEST!'); - }); + admin.auth().createSessionCookie(idToken, {expiresIn}) + .then((sessionCookie) => { + // Set cookie policy for session cookie. + const options = {maxAge: expiresIn, httpOnly: true, secure: true}; + res.cookie('session', sessionCookie, options); + res.end(JSON.stringify({status: 'success'})); + }, error => { + res.status(401).send('UNAUTHORIZED REQUEST!'); + }); }); // [END session_login] 
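Review bot: In the `/sessionLogin` handler the rejection callback is passed as the second argument to `.then(...)`, so it only covers a failed `createSessionCookie`; an exception thrown inside the success callback (for example from `res.cookie`) is not handled and no response is sent. Moving it to a trailing `.catch(error => { res.status(401).send('UNAUTHORIZED REQUEST!'); })` covers both cases. The cookie options set `httpOnly` and `secure` but no `sameSite`, so whether the session cookie accompanies cross-site requests is left to browser defaults; I would state it explicitly, e.g. `const options = {maxAge: expiresIn, httpOnly: true, secure: true, sameSite: 'lax'};`. The handler starts outside the hunk, so any CSRF check applied before this call is not visible here.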
@@ -37,16 +38,17 @@ app.post('/verifyToken', (req, res) => { // Set session expiration to 5 days. const expiresIn = 60 * 60 * 24 * 5 * 1000; // [START check_auth_time] - admin.auth().verifyIdToken(idToken).then((decodedIdToken) => { - // Only process if the user just signed in in the last 5 minutes. - if (new Date().getTime() / 1000 - decodedIdToken.auth_time < 5 * 60) { - // Create session cookie and set it. - return admin.auth().createSessionCookie(idToken, {expiresIn}); - } - // A user that was not recently signed in is trying to set a session cookie. - // To guard against ID token theft, require re-authentication. - res.status(401).send('Recent sign in required!'); - }); + admin.auth().verifyIdToken(idToken) + .then((decodedIdToken) => { + // Only process if the user just signed in in the last 5 minutes. + if (new Date().getTime() / 1000 - decodedIdToken.auth_time < 5 * 60) { + // Create session cookie and set it. + return admin.auth().createSessionCookie(idToken, {expiresIn}); + } + // A user that was not recently signed in is trying to set a session cookie. + // To guard against ID token theft, require re-authentication. + res.status(401).send('Recent sign in required!'); + }); // [END check_auth_time] }); 
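Review bot: The chain on `admin.auth().verifyIdToken(idToken)` in `/verifyToken` ends without a rejection handler, so an invalid, expired or malformed ID token produces an unhandled rejection and the request never receives a response. A terminal `.catch(() => { res.status(401).send('UNAUTHORIZED REQUEST!'); })` would make the handler fail closed. The promise returned by `createSessionCookie` in the recent-sign-in branch is also not consumed within the hunk, so no cookie is set and no success response is written here. If that omission is intentional for the `check_auth_time` excerpt, a comment such as `// Setting the cookie and sending the response is omitted here.` would help readers who copy the snippet as-is.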
@@ -57,28 +59,32 @@ app.post('/profile', (req, res) => { // Verify the session cookie. In this case an additional check is added to detect // if the user's Firebase session was revoked, user deleted/disabled, etc. admin.auth().verifySessionCookie( - sessionCookie, true /** checkRevoked */).then((decodedClaims) => { - serveContentForUser('/profile', req, res, decodedClaims); - }).catch(error => { - // Session cookie is unavailable or invalid. Force user to login. - res.redirect('/login'); - }); + sessionCookie, true /** checkRevoked */) + .then((decodedClaims) => { + serveContentForUser('/profile', req, res, decodedClaims); + }) + .catch(error => { + // Session cookie is unavailable or invalid. Force user to login. + res.redirect('/login'); + }); }); // [END session_verify] app.post('/verifySessionCookie', (req, res) => { const sessionCookie = req.cookies.session || ''; // [START session_verify_with_permission_check] - admin.auth().verifySessionCookie(sessionCookie, true).then((decodedClaims) => { - // Check custom claims to confirm user is an admin. - if (decodedClaims.admin === true) { - return serveContentForAdmin('/admin', req, res, decodedClaims); - } - res.status(401).send('UNAUTHORIZED REQUEST!'); - }).catch(error => { - // Session cookie is unavailable or invalid. Force user to login. - res.redirect('/login'); - }); + admin.auth().verifySessionCookie(sessionCookie, true) + .then((decodedClaims) => { + // Check custom claims to confirm user is an admin. + if (decodedClaims.admin === true) { + return serveContentForAdmin('/admin', req, res, decodedClaims); + } + res.status(401).send('UNAUTHORIZED REQUEST!'); + }) + .catch(error => { + // Session cookie is unavailable or invalid. Force user to login. + res.redirect('/login'); + }); // [END session_verify_with_permission_check] }); 
@@ -94,13 +100,16 @@ app.post('/sessionLogout', (req, res) => { app.post('/sessionLogout', (req, res) => { const sessionCookie = req.cookies.session || ''; res.clearCookie('session'); - admin.auth().verifySessionCookie(sessionCookie).then((decodedClaims) => { + admin.auth().verifySessionCookie(sessionCookie) + .then((decodedClaims) => { return admin.auth().revokeRefreshTokens(decodedClaims.sub); - }).then(() => { - res.redirect('/login'); - }).catch((error) => { + }) + .then(() => { res.redirect('/login'); - }); + }) + .catch((error) => { + res.redirect('/login'); + }); }); // [END session_clear_and_revoke] diff --git a/auth/manage_sessions.js b/auth/manage_sessions.js index 8216bfab..c7002796 100644 --- a/auth/manage_sessions.js +++ b/auth/manage_sessions.js @@ -6,23 +6,23 @@ admin.initializeApp(); // Revoke all refresh tokens for a specified user for whatever reason. // Retrieve the timestamp of the revocation, in seconds since the epoch. admin.auth().revokeRefreshTokens(uid) - .then(() => { - return admin.auth().getUser(uid); - }) - .then((userRecord) => { - return new Date(userRecord.tokensValidAfterTime).getTime() / 1000; - }) - .then((timestamp) => { - console.log('Tokens revoked at: ', timestamp); + .then(() => { + return admin.auth().getUser(uid); + }) + .then((userRecord) => { + return new Date(userRecord.tokensValidAfterTime).getTime() / 1000; + }) + .then((timestamp) => { + console.log('Tokens revoked at: ', timestamp); }); // [END revoke_tokens] // [START save_revocation_in_db] const metadataRef = admin.database().ref('metadata/' + uid); metadataRef.set({revokeTime: utcRevocationTimeSecs}) - .then(() => { - console.log('Database updated successfully.'); - }); + .then(() => { + console.log('Database updated successfully.'); + }); // [END save_revocation_in_db] // [START verify_id_token_check_revoked] diff --git a/auth/manage_users.js b/auth/manage_users.js index f7674e97..c1f1f484 100644 --- a/auth/manage_users.js +++ b/auth/manage_users.js 
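Review bot: In `auth/manage_sessions.js` neither the `admin.auth().revokeRefreshTokens(uid)` chain nor `metadataRef.set({revokeTime: utcRevocationTimeSecs})` has a rejection handler, so a failed revocation or a failed write of the revocation time goes unreported. For a revocation flow this matters, because the caller may believe the user's tokens are invalid when they are not. Each chain should end with a handler that surfaces the failure, for example `.catch((error) => { console.log('Error revoking tokens:', error); })`, and the revocation time should only be stored after `revokeRefreshTokens` has resolved. Where `utcRevocationTimeSecs` comes from is not visible in the hunk.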
@@ -4,35 +4,35 @@ admin.initializeApp(); // [START get_user_by_id] admin.auth().getUser(uid) -.then(function(userRecord) { - // See the UserRecord reference doc for the contents of userRecord. - console.log('Successfully fetched user data:', userRecord.toJSON()); -}) -.catch(function(error) { - console.log('Error fetching user data:', error); -}); + .then(function(userRecord) { + // See the UserRecord reference doc for the contents of userRecord. + console.log('Successfully fetched user data:', userRecord.toJSON()); + }) + .catch(function(error) { + console.log('Error fetching user data:', error); + }); // [END get_user_by_id] // [START get_user_by_email] admin.auth().getUserByEmail(email) -.then(function(userRecord) { - // See the UserRecord reference doc for the contents of userRecord. - console.log('Successfully fetched user data:', userRecord.toJSON()); -}) -.catch(function(error) { - console.log('Error fetching user data:', error); -}); + .then(function(userRecord) { + // See the UserRecord reference doc for the contents of userRecord. + console.log('Successfully fetched user data:', userRecord.toJSON()); + }) + .catch(function(error) { + console.log('Error fetching user data:', error); + }); // [END get_user_by_email] // [START get_user_by_phone] admin.auth().getUserByPhoneNumber(phoneNumber) -.then(function(userRecord) { - // See the UserRecord reference doc for the contents of userRecord. - console.log('Successfully fetched user data:', userRecord.toJSON()); -}) -.catch(function(error) { - console.log('Error fetching user data:', error); -}); + .then(function(userRecord) { + // See the UserRecord reference doc for the contents of userRecord. + console.log('Successfully fetched user data:', userRecord.toJSON()); + }) + .catch(function(error) { + console.log('Error fetching user data:', error); + }); // [END get_user_by_phone] // [START create_user] 
@@ -90,12 +90,12 @@ admin.auth().updateUser(uid, { // [START delete_user] admin.auth().deleteUser(uid) -.then(function() { - console.log('Successfully deleted user'); -}) -.catch(function(error) { - console.log('Error deleting user:', error); -}); + .then(function() { + console.log('Successfully deleted user'); + }) + .catch(function(error) { + console.log('Error deleting user:', error); + }); // [END delete_user] // [START list_all_users]