Rotem Slootzky Rotem Slootzky - 6 months ago 59
Node.js Question

Is Firebase 3 node.js server authentication going to change?

Right now seems like the only way to authenticate a node.js server is by passing the a service account private key which means the private key lays in RAM which is something that clearly won't pass a security review.

Is this method going to change sometimes soon to something like passing a token with expiration which can be generated in a secured manner somewhere else?
I'm talking about something like Firebase 2 authentication (but not HS256 with a shared secret)
would love to get a comment from Firebase's engineers team.


just to answer that.

you can do something like this :

  var config = {
  apiKey: "<API_KEY>",
  authDomain: "<PROJECT_ID>",
  databaseURL: "https://<DATABASE_NAME>",
  storageBucket: "<BUCKET>",

and then doing


before calling


you can get your config by going to your firebase's app overview (<APP_NAME>/overview) and pressing "Add firebase to your web app"