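/**
 * User delete endpoint.
 *
 * Clears the `session` cookie, verifies it (with the revocation check enabled)
 * and, when it is valid, deletes the Firebase user it belongs to. Every
 * outcome ends in a redirect to the login page; failures are now logged
 * instead of being dropped on the floor.
 *
 * NOTE(review): this is a destructive, state-changing action served on GET,
 * so the browser will perform it for any cross-site navigation that carries
 * the session cookie (CSRF). Moving it to POST behind a CSRF token and
 * setting the cookie's SameSite attribute is the usual mitigation.
 */
app.get('/delete', function (req, res) {
  const sessionCookie = req.cookies.session || '';
  // Drop the cookie unconditionally so a failed delete still ends the session.
  res.clearCookie('session');
  if (!sessionCookie) {
    // Redirect to login page when no session cookie available.
    res.redirect('/');
    return;
  }
  // Verify user and then delete the user. The `true` asks the SDK to also
  // reject cookies whose session has been revoked.
  admin.auth().verifySessionCookie(sessionCookie, true)
    .then(function (decodedClaims) {
      return admin.auth().deleteUser(decodedClaims.sub);
    })
    .then(function () {
      // Redirect to login page on success.
      res.redirect('/');
    })
    .catch(function (error) {
      // Previously swallowed silently; a deletion that fails after a valid
      // cookie was presented is something operators need to see.
      console.error('Error while deleting user:', error);
      // Redirect to login page on error.
      res.redirect('/');
    });
});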
if (new Date().getTime() / 1000 - decodedClaims.auth_time < 5 * 60) { return admin.auth().createSessionCookie(idToken, {expiresIn: expiresIn});
return admin.auth().getUser(decodedClaims.sub).then(function(userRecord) { const html = '<!DOCTYPE html>' + '<html>' +
// NOTE(review): fragment of a larger function — `idToken`, `resolve` and
// `reject` come from an enclosing scope that is not visible here (it reads
// like the executor of a `new Promise`, but confirm against the caller).
admin.auth().verifyIdToken(idToken).then(decodedIdToken => {
  // Logs the full decoded claim set (uid, email, ...); logging only the uid
  // would keep identity data out of application logs.
  console.log('ID Token correctly decoded', decodedIdToken);
  // The inner chain is not returned, so the outer .catch below never sees a
  // getUser() failure; the inner .catch is the only handler for it.
  admin.auth().getUser(decodedIdToken.uid).then((userRecord) => {
    return resolve(userRecord);
  }).catch(error => {
    console.error('Error while getting Firebase User record:', error);
    // Rejects with a plain object rather than an Error (no stack trace).
    return reject({code: 403, error: 'Unauthorized'});
  });
}).catch(error => {
  console.error('Error while verifying Firebase ID token:', error);
  return reject({code: 403, error: 'Unauthorized'});
});
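/**
 * Verify a Firebase ID token and enrich the decoded claims with the
 * `isAdmin` and `slug` fields stored on the user's Firestore document.
 *
 * @param {string} token - Firebase ID token sent by the client.
 * @returns {Promise<object>} the decoded token with `isAdmin` and `slug` added.
 * @throws {Error} when the token fails verification, the Firestore read
 *   fails, or no user document exists for the token's `user_id`.
 */
async function verify (token) {
  try {
    const decodedToken = await firebase.auth().verifyIdToken(token)
    const snapshot = await firebase.firestore().doc(`/user/${decodedToken.user_id}`).get()
    const user = snapshot.data()
    // A missing profile document used to surface as a TypeError on
    // `user.isAdmin`; make that failure explicit instead.
    if (user === undefined) {
      throw new Error(`No user document for uid ${decodedToken.user_id}`)
    }
    // NOTE(review): the authorization flag (`isAdmin`) is read from a Firestore
    // document. Confirm the security rules keep this field read-only for the
    // end user; otherwise the token's privileges are client-controlled.
    decodedToken.isAdmin = user.isAdmin
    decodedToken.slug = user.slug
    return decodedToken
  } catch (e) {
    console.error(e)
    // Rethrow the original error so its type and stack trace survive;
    // `throw new Error(e)` stringified it and lost both.
    throw e
  }
}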
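/**
 * User signout endpoint.
 *
 * Clears the `session` cookie and, when the cookie verifies, revokes the
 * user's refresh tokens (which invalidates every session of that user, not
 * just this one). Always redirects to the login page; failures are now
 * logged instead of being dropped.
 *
 * NOTE(review): served on GET, so a cross-site navigation can log a user out.
 * That is a nuisance rather than a data risk, but POST is still the safer
 * verb for any state-changing route.
 */
app.get('/logout', function (req, res) {
  // Clear cookie.
  const sessionCookie = req.cookies.session || '';
  res.clearCookie('session');
  if (!sessionCookie) {
    // Redirect to login page when no session cookie available.
    res.redirect('/');
    return;
  }
  // Revoke session too. Note this will revoke all user sessions.
  admin.auth().verifySessionCookie(sessionCookie, true)
    .then(function (decodedClaims) {
      return admin.auth().revokeRefreshTokens(decodedClaims.sub);
    })
    .then(function () {
      // Redirect to login page on success.
      res.redirect('/');
    })
    .catch(function (error) {
      // Previously swallowed silently; a revocation failure means the user's
      // other sessions are still live, which operators should see.
      console.error('Error while revoking user sessions:', error);
      // Redirect to login page on error.
      res.redirect('/');
    });
});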
// NOTE(review): fragment of a middleware whose signature is outside this
// view — `token`, `req`, `res` and `next` come from the enclosing scope. The
// promise is not returned, so the caller cannot await it or observe failures.
admin.auth().verifyIdToken(token)
  .then(function(decodedToken) {
    // Copies three claims onto the request for downstream handlers.
    req.user_identification = {
      uid: decodedToken.uid,
      email: decodedToken.email,
      is_email_verified: decodedToken.email_verified
    };
    return next();
  }).catch(function(error) {
    // Any rejection — a bad token, or an exception thrown by next() — becomes
    // a 401 here, and `error` is discarded without being logged. The sibling
    // middleware in this listing answers 403 for the same condition.
    res.status(401)
    res.json({"error": "You are not authorized."});
    // The resolved value of this handler is never consumed.
    return false;
  });
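/**
 * Express middleware: require a Firebase ID token in
 * `Authorization: Bearer <token>`, verify it, load the matching user record
 * and expose it as `req.user`. A missing, malformed or unverifiable token
 * answers 403 with `{error: 'Unauthorized'}` and does not call `next()`.
 *
 * NOTE(review): verifyIdToken is called without the checkRevoked flag, so a
 * token issued before a revocation stays valid until it expires; pass `true`
 * as its second argument if that matters for this app.
 *
 * @param {object} req - Express request; `req.user` is set on success.
 * @param {object} res - Express response.
 * @param {Function} next - Next middleware; also receives downstream errors.
 */
const validateFirebaseIdToken = (req, res, next) => {
  const authorization = req.headers.authorization;
  if (typeof authorization !== 'string' || !authorization.startsWith('Bearer ')) {
    console.error('No Firebase ID token was passed as a Bearer token in the Authorization header.',
        'Make sure you authorize your request by providing the following HTTP header:',
        'Authorization: Bearer <Firebase ID Token>');
    res.status(403).json({error: 'Unauthorized'});
    return;
  }
  // Everything after the scheme is the token; an empty remainder simply fails
  // verification below.
  const idToken = authorization.slice('Bearer '.length);
  admin.auth().verifyIdToken(idToken)
    .then((decodedIdToken) => {
      // Log only the uid: the decoded claims also carry email and other
      // identity data that should not end up in application logs.
      console.log('ID Token correctly decoded for uid', decodedIdToken.uid);
      // Returning the inner promise flattens the chain so one handler covers
      // both the verification and the user lookup.
      return admin.auth().getUser(decodedIdToken.uid);
    })
    .then(
      (userRecord) => {
        req.user = userRecord;
        next();
      },
      (error) => {
        // Two-argument then(): an exception thrown inside next() must not be
        // reported to the client as an authorization failure.
        console.error('Error while verifying Firebase ID token or getting user record:', error);
        res.status(403).json({error: 'Unauthorized'});
      }
    )
    // Anything thrown by next() or while sending the 403 is handed to
    // Express's error handling instead of becoming an unhandled rejection.
    .catch(next);
};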
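/**
 * User delete endpoint.
 *
 * Clears the `session` cookie, verifies it (with the revocation check enabled)
 * and, when it is valid, deletes the Firebase user it belongs to. Every
 * outcome ends in a redirect to the login page; failures are now logged
 * instead of being dropped on the floor.
 *
 * NOTE(review): this is a destructive, state-changing action served on GET,
 * so the browser will perform it for any cross-site navigation that carries
 * the session cookie (CSRF). Moving it to POST behind a CSRF token and
 * setting the cookie's SameSite attribute is the usual mitigation.
 */
app.get('/delete', function (req, res) {
  const sessionCookie = req.cookies.session || '';
  // Drop the cookie unconditionally so a failed delete still ends the session.
  res.clearCookie('session');
  if (!sessionCookie) {
    // Redirect to login page when no session cookie available.
    res.redirect('/');
    return;
  }
  // Verify user and then delete the user. The `true` asks the SDK to also
  // reject cookies whose session has been revoked.
  admin.auth().verifySessionCookie(sessionCookie, true)
    .then(function (decodedClaims) {
      return admin.auth().deleteUser(decodedClaims.sub);
    })
    .then(function () {
      // Redirect to login page on success.
      res.redirect('/');
    })
    .catch(function (error) {
      // Previously swallowed silently; a deletion that fails after a valid
      // cookie was presented is something operators need to see.
      console.error('Error while deleting user:', error);
      // Redirect to login page on error.
      res.redirect('/');
    });
});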
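/**
 * User signout endpoint.
 *
 * Clears the `session` cookie and, when the cookie verifies, revokes the
 * user's refresh tokens (which invalidates every session of that user, not
 * just this one). Always redirects to the login page; failures are now
 * logged instead of being dropped.
 *
 * NOTE(review): served on GET, so a cross-site navigation can log a user out.
 * That is a nuisance rather than a data risk, but POST is still the safer
 * verb for any state-changing route.
 */
app.get('/logout', function (req, res) {
  // Clear cookie.
  const sessionCookie = req.cookies.session || '';
  res.clearCookie('session');
  if (!sessionCookie) {
    // Redirect to login page when no session cookie available.
    res.redirect('/');
    return;
  }
  // Revoke session too. Note this will revoke all user sessions.
  admin.auth().verifySessionCookie(sessionCookie, true)
    .then(function (decodedClaims) {
      return admin.auth().revokeRefreshTokens(decodedClaims.sub);
    })
    .then(function () {
      // Redirect to login page on success.
      res.redirect('/');
    })
    .catch(function (error) {
      // Previously swallowed silently; a revocation failure means the user's
      // other sessions are still live, which operators should see.
      console.error('Error while revoking user sessions:', error);
      // Redirect to login page on error.
      res.redirect('/');
    });
});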
if (new Date().getTime() / 1000 - decodedClaims.auth_time < 5 * 60) { return admin.auth().createSessionCookie(idToken, {expiresIn: expiresIn});
return admin.auth().getUser(decodedClaims.sub).then(function(userRecord) { const html = '<!DOCTYPE html>' + '<html>' +
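/**
 * Express middleware: require a Firebase ID token in
 * `Authorization: Bearer <token>`, verify it, load the matching user record
 * and expose it as `req.user`. A missing, malformed or unverifiable token
 * answers 403 with `{error: 'Unauthorized'}` and does not call `next()`.
 *
 * NOTE(review): verifyIdToken is called without the checkRevoked flag, so a
 * token issued before a revocation stays valid until it expires; pass `true`
 * as its second argument if that matters for this app.
 *
 * @param {object} req - Express request; `req.user` is set on success.
 * @param {object} res - Express response.
 * @param {Function} next - Next middleware; also receives downstream errors.
 */
const validateFirebaseIdToken = (req, res, next) => {
  const authorization = req.headers.authorization;
  if (typeof authorization !== 'string' || !authorization.startsWith('Bearer ')) {
    console.error('No Firebase ID token was passed as a Bearer token in the Authorization header.',
        'Make sure you authorize your request by providing the following HTTP header:',
        'Authorization: Bearer <Firebase ID Token>');
    res.status(403).json({error: 'Unauthorized'});
    return;
  }
  // Everything after the scheme is the token; an empty remainder simply fails
  // verification below.
  const idToken = authorization.slice('Bearer '.length);
  admin.auth().verifyIdToken(idToken)
    .then((decodedIdToken) => {
      // Log only the uid: the decoded claims also carry email and other
      // identity data that should not end up in application logs.
      console.log('ID Token correctly decoded for uid', decodedIdToken.uid);
      // Returning the inner promise flattens the chain so one handler covers
      // both the verification and the user lookup.
      return admin.auth().getUser(decodedIdToken.uid);
    })
    .then(
      (userRecord) => {
        req.user = userRecord;
        next();
      },
      (error) => {
        // Two-argument then(): an exception thrown inside next() must not be
        // reported to the client as an authorization failure.
        console.error('Error while verifying Firebase ID token or getting user record:', error);
        res.status(403).json({error: 'Unauthorized'});
      }
    )
    // Anything thrown by next() or while sending the 403 is handed to
    // Express's error handling instead of becoming an unhandled rejection.
    .catch(next);
};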