How can I implement auth in Laravel for firebase

[prajwalpoojari9876]

I can check valid user by verify password

$user = app('firebase.auth')->verifyPassword($email,$password);
            if($user->emailVerified) {
                    echo 'login success';
             }

Now further query

$docRef = app('firebase.firestore')->database()->collection('MyCollectionName')
                    ->where('name', '==', 'anyname')
                    ->documents();

But how the above query is authenticated to user logged in.

[jeromegamez]

That's currently not possible with the SDK - it's on my todo list but will require some serious rewrites, so there's, unfortunately, no ETA.

[prajwalpoojari9876]

ok. So as of now, can we go this way
As soon as the verify password sends true. We store the uid in the laravel session and all further queries will be made through uid.

I know it would not be safe. But all queries would be through Laravel.

And other related query is that what createCustomToken, verifyIdToken does?. This are for server validation if we go RESTful apis.

[jeromegamez]

You can store the UID in the session, but connections from your PHP application to the Firebase Servers will still be authenticated with your service account credentials (= Admin Access).

verifyIdToken() is used to ensure that a user token in a request from a Firebase Client Application is valid and not expired. https://firebase.google.com/docs/auth/admin/verify-id-tokens

createCustomToken() is used to create a custom token with additional claims to send back to a Firebase Client Application. https://firebase.google.com/docs/auth/admin/create-custom-tokens

[prajwalpoojari9876]

Thanks @jeromegamez