Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Get user's token to send it to backend via HTTPS #11

Open
aynzad opened this issue Jun 18, 2024 · 3 comments
Open

Get user's token to send it to backend via HTTPS #11

aynzad opened this issue Jun 18, 2024 · 3 comments

Comments

@aynzad
Copy link

aynzad commented Jun 18, 2024

Hi, Thanks for the amazing library. I have one question (or, if it is missing, a feature request):

After the user logs in to my app, I want to send API requests to my HTTPS backend server, and I need the Firebase 'idToken' to verify my user's identity.

Is it possible to get the 'idToken' from the 'userInfo'?
@SwiftfulThinking
Copy link
Owner

SwiftfulThinking commented Jun 18, 2024 via email

@aynzad
Copy link
Author

aynzad commented Jun 18, 2024

I have Firebase on my server with the same exact configuration, so on the server I can verify the token and get user's info, something line this:

// idToken comes from the client app
getAuth()
  .verifyIdToken(idToken)
  .then((decodedToken) => {
    const uid = decodedToken.uid;
    // ...
  })
  .catch((error) => {
    // Handle error
  });

So I'm thinking of storing idToken in client and send it via request header to the server

@vamsii777
Copy link
Contributor

You shouldn't store idToken as, idToken often have a very short lifetime, instead if there's a method where we can send the idToken to server would be great!

An example on retrieving the idToken after login.

do {
    let idToken = try await firebaseUser.getIDToken()
    _ = try await sendIdTokenToServer(idToken: idToken, endpoint: .authLink)
  } catch {
     print("Error retrieving Firebase ID token: \(error)")
 }

Here's an example sendIdTokenToServer

func sendIdTokenToServer(idToken: String, endpoint: Endpoint) async throws -> String {
        let networkManager = NetworkingManager.shared
        
        let session = URLSession.shared
        
        // Send the ID token to the 'authLink' endpoint
        let _: Void = try await networkManager.request(session: session, endpoint)
        
        
        // Retrieve access and refresh tokens from the 'auth' endpoint
        let tokens: AuthResponse = try await networkManager.request(session: session, .auth, type: AuthResponse.self)
        
        print("TOKENS: \(tokens)")
        
        // Save tokens securely in Keychain
        try saveTokensInKeychain(accessToken: tokens.data.accessToken, refreshToken: tokens.data.refreshToken, expiresIn: tokens.data.expires)
        
        return tokens.data.accessToken
    }

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@aynzad @vamsii777 @SwiftfulThinking