
Secure HTTP trigger for Cloud Functions for Firebase


Is there a way to check whether a user is authorized with Firebase before triggering a Cloud Function? (Or inside the function?)

1 Answer

  • 34

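    Yes. You need to send a Firebase ID token along with the request (for example, in the Authorization header of an AJAX request), then verify it using the Firebase Admin SDK. There is an in-depth example in the Cloud Functions for Firebase samples repository. It looks something like this (shortened for the SO post):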

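    const functions = require('firebase-functions');
    const admin = require('firebase-admin');
    const cors = require('cors')();

    // The Admin SDK must be initialized before admin.auth() can be used.
    admin.initializeApp();

    // Verifies the Firebase ID token sent as "Authorization: Bearer <token>".
    const validateFirebaseIdToken = (req, res, next) => {
      cors(req, res, () => {
        const authHeader = req.headers.authorization || '';
        if (!authHeader.startsWith('Bearer ')) {
          // Missing or malformed header: reject instead of throwing on undefined.
          res.status(403).send('Unauthorized');
          return;
        }
        const idToken = authHeader.split('Bearer ')[1];
        admin.auth().verifyIdToken(idToken).then(decodedIdToken => {
          console.log('ID Token correctly decoded', decodedIdToken);
          req.user = decodedIdToken;
          next();
        }).catch(error => {
          console.error('Error while verifying Firebase ID token:', error);
          res.status(403).send('Unauthorized');
        });
      });
    };

    exports.myFn = functions.https.onRequest((req, res) => {
      validateFirebaseIdToken(req, res, () => {
        // now you know they're authorized and `req.user` has info about them
      });
    });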
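
The client half of the exchange described in the answer, as an added example that is not part of the original answer or the Firebase samples: it attaches the ID token as a Bearer header and, because the function above answers 403 when verification fails, refreshes the token once and retries. `callSecuredFunction`, `demo`, the URL and the fake user/fetch objects are hypothetical; `user` is assumed to expose the Firebase Auth client method `getIdToken(forceRefresh)`.

```javascript
// Added example (not from the original answer). Sends a Firebase ID token in the
// Authorization header and retries once with a freshly minted token on 401/403.
async function callSecuredFunction(user, url, fetchImpl = fetch, init = {}) {
  // Assumption of this example: only send the token over HTTPS. The ID token is a
  // bearer credential, so anyone who observes it can replay it until it expires.
  if (!/^https:\/\//i.test(url)) {
    throw new Error('refusing to send ID token over a non-HTTPS URL');
  }
  const send = async (forceRefresh) => {
    const idToken = await user.getIdToken(forceRefresh);
    // Keep the token in a header, not the query string: URLs end up in logs.
    const headers = { ...(init.headers || {}), Authorization: `Bearer ${idToken}` };
    return fetchImpl(url, { ...init, headers });
  };
  let res = await send(false);
  if (res.status === 401 || res.status === 403) {
    // The cached token may be expired or revoked: refresh once, then give up.
    res = await send(true);
  }
  return res;
}

// Constructed stand-ins so the flow runs offline: a user whose cached token is
// stale, and a "server" that accepts only 'fresh-token' and otherwise returns
// 403, mirroring the rejection path in the answer's middleware.
async function demo() {
  const calls = [];
  const fakeUser = {
    getIdToken: async (forceRefresh) => (forceRefresh ? 'fresh-token' : 'stale-token'),
  };
  const fakeFetch = async (url, init) => {
    calls.push(init.headers.Authorization);
    return { status: init.headers.Authorization === 'Bearer fresh-token' ? 200 : 403 };
  };
  const res = await callSecuredFunction(fakeUser, 'https://example.invalid/myFn', fakeFetch);
  return { status: res.status, calls };
}
```

In a real page, `user` would be the signed-in user from the Firebase Auth client SDK and `fetchImpl` the browser's `fetch`.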
    
