node.js - Where to store key during Firebase custom login -
i coupling node.js firebase , planning use linkedin log users in.
on backend have:
var firebasetokengenerator = require("firebase-token-generator"); var mysecret = 'xxxxx' module.exports = function (app, passport) { app.get('/fire', function (req, res) { var tokengenerator = new firebasetokengenerator(mysecret); var token = tokengenerator.createtoken({ "app_user_id": 123x, "ismoderator": true }); res.render('firebase-index.ejs', {token: token, kale: 'mazing'}); }) }; on template firebase-index.ejs:
here i'm not sure how store token use during auth. cant seem directly use unless insert dom element
<span id="token"><%= token %><span> then can access 'token.textcontent' below
dataref.auth(token.textcontent, function(error) { if(error) { console.log("login failed!", error); } else { console.log("login succeeded!"); console.log(token.textcontent); } }); is safe/ preferred way this? also, after log in, how access auth variable? thanks
most of time in modern apps, you'd make request server api auth token, rather sending auth token part of html body. done making http call end, return json object (i.e. asynchronous request).
server code (assuming express):
var firebasetokengenerator = require("firebase-token-generator"); var tokengenerator = new firebasetokengenerator(process.env.firebase_secret); app.get('/authtoken', function(req, res){ var token = tokengenerator.createtoken({some: "arbitrary", data: "here"}); res.json(token); }); client code (assuming jquery):
$.getjson( "https://server/authtoken", function( token ) { console.log(token); }); if you're stuck returning part of view/html data, inject directly javascript variable (since generating , know not contain malicious code).
here i'll use window (i.e. global) you'd prefer have scoped object (e.g. myapp.config.authtoken) attach instead.
<script>window.authtoken = '<%= token %>';<script>
Comments
Post a Comment