Integrating Firebase authentication for email/password
Unanswered
American Wirehair posted this in #help-forum
American WirehairOP
Hello everyone, I am new to react js.
I will try to explain what I am trying to achieve:
- I have a backend server written in spring boot, it exposes a REST api. all requests to this server must contains a jwt token which is verified before processing the request.
- These jwt token are issued by firebase auth.
- So here is where i couldn't get right: The user must authenticate in the front end using a simple login form. Ideally what should happen here is to verify the credentials using firebase sdk using the method signInWithEmailAndPassword which returns a user credential object which will generate a token every time it expires. I don't know how to store this object.
Is this the right approach to take?
And how can I implement this flow?
And thank you in advance x)
I will try to explain what I am trying to achieve:
- I have a backend server written in spring boot, it exposes a REST api. all requests to this server must contains a jwt token which is verified before processing the request.
- These jwt token are issued by firebase auth.
- So here is where i couldn't get right: The user must authenticate in the front end using a simple login form. Ideally what should happen here is to verify the credentials using firebase sdk using the method signInWithEmailAndPassword which returns a user credential object which will generate a token every time it expires. I don't know how to store this object.
Is this the right approach to take?
And how can I implement this flow?
And thank you in advance x)
7 Replies
American black bear
Cant you store the JWT token as a httpOnly cookie and work with that?
Example how i undestand it
Login generates JWT -> Store JWT to cookie
Load JWT from Cookie -> Request from API
Login generates JWT -> Store JWT to cookie
Load JWT from Cookie -> Request from API
@American black bear Cant you store the JWT token as a httpOnly cookie and work with that?
American WirehairOP
and what about when it gets expired? I don't want the user to login again? Also how would the nextjs app know that I am logged in?
American black bear
The question is can you request a new token with a old token?
Say the Token expires every 20 Minutes, then refresh the token on the first request when the token is 10 Minutes old
American WirehairOP
I can login using this method from firebase sdk but then i don't know how to store the user object in server side for each logged in user?
let userCredential = await signInWithEmailAndPassword(firebase_auth, credentials.email, credentials.password)
if (userCredential.user) {
return userCredential.user;
}
American black bear
The token is a element you can save as httpOnly and with some cookie signing with this you can request userInfos when needed or you need to think how to store a sesson on a KeyValue Store Service where you can save the USerCredential.user data with this accessToken and send a seperate token to the browser that represends this combination
Based on https://firebase.google.com/docs/reference/js/auth.md#example_9
const credential = provider.credentialFromResult(auth, userCredential);
const token = credential.accessToken;Based on https://firebase.google.com/docs/reference/js/auth.md#example_9