Adam nick Adam nick - 8 months ago 172
Javascript Question

how to modify laravel middleware to work with firebase authentication

I am working in laravel and firebase as a backend for authentication and data storage. I am using firebase provided js code to signin the user

firebase.auth().signInWithEmailAndPassword(email, password).catch(function(error) {
// Handle Errors here.
var errorCode = error.code;
var errorMessage = error.message;
// ...

The problem is that I want to protect my routes from non-authenticated users. How would I check this in my middleware that user is logged in or not because js stores current user's uid in localStorage. Do I have to use a separate database for this purpose? Please help me to go in right direction.


You have to call:

 auth.currentUser.getToken().then(function(token) {
   // The Firebase id token is returned here.
   // You will have to send that along your requests to your server.
   // Keep in mind this is a short lived token
   // You have to call getToken each time you need it in case
   // it is auto refreshed underneath.

Currently, Firebase provides node.js and java backend libraries to verify the token (to check the user is logged in).

A php library is in the works. When it is ready, it should provide similar functionality for minting custom tokens and verifying Firebase id tokens.