I would like to authorize an user in firebase. I am using a poor JavaScript so I must generate a JWT token on my own but I don't know where put a username and password before create token. How the object should look like?
Asked
Active
Viewed 7,807 times
1 Answers
4
When you mint a custom token for Firebase, you write a set of claims about the user in JSON format:
{
"uid": "myprovider:5764416",
"displayName": "Grajek",
"provider": "myprovider"
}
You then sign this object with your Firebase Secret, which ensures it can only be decoded by someone who also has that secret (such as the Firebase servers).
This is a jsfiddle to generate such a token: http://jsfiddle.net/firebase/XDXu5/ . Be careful not to share your Firebase Secret with anyone accidentally, as that is the key to your kingdom. Well... at least to the data in your Firebase backend.
So you don't specify a username and password anywhere. Instead you make a few claims about your user and sign them with a value that only you (should) know (the Firebase Secret).
It's like you're saying "I, myprovider, assure you that the following claims are true about this user".
Frank van Puffelen
- 565,676
- 79
- 828
- 807
-
Thank you. It is all I need :). – Grajek Jan 13 '16 at 10:03