Passing auth token to web client #569
-
|
I'm refactoring my backend away from Node/Express to PHP/Laravel and the datastore from firebase to mysql. This process will take a while and for a certain time, both old and new backends should live in parallel. The first step I'm taking is enabling authenticated users from the new backend to access the legacy firebase realtime database. I already can use user credentials (email/password) to log them in from my new backend into firebase but don't know how to pass the authentication token I receive back to the web client, enabling users to access firebase from the client-side. The idea is that they can login once and use both apps. Any help is more than appreciated! |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 2 replies
-
|
I'm assuming that you have in your Laravel Backend a relation between the Laravel User and the Firebase user, so that you can retrieve a Laravel User with a Firebase User ID, and a Firebase User with a Laravel User ID. I'm also assuming that you are using the kreait/laravel-firebase, even if it's just to drop it here, just in case you're not already using it 😅. From the top of my head, I think this could be made possible by generating a Firebase custom token in the backend that the web client then can use to log into Firebase. use Kreait\Laravel\Firebase\Facades\Firebase;
$claims = [/*...*/];
$customToken = Firebase::auth()
->createCustomToken(Auth::user()->firebase_uid, $claims)
->toString();When you pass this token to the web client, you could use it to sign them into Firebase directly using the Firebase Client SDK: https://firebase.google.com/docs/auth/web/custom-auth If you sign them in in the backend with the username/password that you have stored in the Firebase Auth database, you could do it the other way round: use Kreait\Laravel\Firebase\Facades\Firebase;
$signInResult = Firebase::auth()->signInWithEmailAndPassword($email, $password);
// Make sure that the user exists locally
$laravelUser = User::findOrFail($signInResult->firebaseUserId());
$customToken = Firebase::auth()
->createCustomToken(Auth::user()->firebase_uid, $claims)
->toString();
I've already written a paragraph about "if your user is already signed into the web client", but luckily I realized that if they were, we wouldn't be talking right now 😂 |
Beta Was this translation helpful? Give feedback.
-
|
Hi @jeromegamez! Thanks for your thoroughly reply! All your assumptions are right. I'm signing them in with $customToken = Firebase::auth()
->createCustomToken(Auth::user()->firebase_uid, $claims)
->toString();And obviously having to refactor the web client to check for a custom token. I asked this same question in Stackoverflow. If you add this answer there, I'm more than glad to accept it. Thank you very much! |
Beta Was this translation helpful? Give feedback.
-
|
159 more Reputation on SO and I can re-open the question 😅 |
Beta Was this translation helpful? Give feedback.
I'm assuming that you have in your Laravel Backend a relation between the Laravel User and the Firebase user, so that you can retrieve a Laravel User with a Firebase User ID, and a Firebase User with a Laravel User ID. I'm also assuming that you are using the kreait/laravel-firebase, even if it's just to drop it here, just in case you're not already using it 😅.
From the top of my head, I think this could be made possible by generating a Firebase custom token in the backend that the web client then can use to log into Firebase.