I am trying to learn how to make a simple authentication application. If I have this in my app.js file,
var logIn = function(req, res) {
const email = req.body.email;
const password = req.body.password;
firebase.auth().signInWithEmailAndPassword(email, password).then(function() {
const user = firebase.auth().currentUser;
const emailVerified = user.emailVerified;
console.log("Email verified status: " + emailVerified);
});
};
var doSomething(req, res) {
var user = firebase.auth().currentUser;
// do something with the variable user
}
this is not ok, right? Because when multiple users log in, the currentUser would just be assigned to the last person who logged in. (Please correct me if that is not true.)
So, I found these:
How to authenticate a firebase user from server without client side auth?
https://firebase.google.com/docs/auth/web/auth-state-persistence
They suggested doing something like this:
firebase.auth().setPersistence(firebase.auth.Auth.Persistence.NONE)
.then(function() {
return firebase.auth().signInWithRedirect(provider);
});
Does this mean, that adding setPersistence = None allows us to use firebase.auth().currentUser on the server-side, AKA in app.js, even when multiple users are logged in?
Can we just declare firebase.auth().setPersistence(firebase.auth.Auth.Persistence.NONE) once in the app.js file or do we need to use promise for each function?
I recently started learning JS and using Firebase. Sorry if some questions are silly. Thanks so much for your help.
