SwiftfulFirebaseAuth icon indicating copy to clipboard operation
SwiftfulFirebaseAuth copied to clipboard

Published 20 hours ago verified publisher icon SwiftfulThinking

Get user's token to send it to backend via HTTPS

Open aynzad opened this issue 1 year ago • 3 comments

Hi, Thanks for the amazing library. I have one question (or, if it is missing, a feature request):

After the user logs in to my app, I want to send API requests to my HTTPS backend server, and I need the Firebase 'idToken' to verify my user's identity.

Is it possible to get the 'idToken' from the 'userInfo'?

aynzad avatar Jun 18 '24 07:06 aynzad

I can make an update. How do you normally get it from Firebase auth?Sent from my iPhoneOn Jun 18, 2024, at 3:08 AM, Alireza Esfahani @.***> wrote: Hi, Thanks for the amazing library. I have one question (or, if it is missing, a feature request): After the user logs in to my app, I want to send API requests to my HTTPS backend server, and I need the Firebase 'idToken' to verify my user's identity. Is it possible to get the 'idToken' from the 'userInfo'?

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you are subscribed to this thread.Message ID: @.***>

SwiftfulThinking avatar Jun 18 '24 13:06 SwiftfulThinking

I have Firebase on my server with the same exact configuration, so on the server I can verify the token and get user's info, something line this:

// idToken comes from the client app
getAuth()
  .verifyIdToken(idToken)
  .then((decodedToken) => {
    const uid = decodedToken.uid;
    // ...
  })
  .catch((error) => {
    // Handle error
  });

So I'm thinking of storing idToken in client and send it via request header to the server

aynzad avatar Jun 18 '24 14:06 aynzad

You shouldn't store idToken as, idToken often have a very short lifetime, instead if there's a method where we can send the idToken to server would be great!

An example on retrieving the idToken after login.

do {
    let idToken = try await firebaseUser.getIDToken()
    _ = try await sendIdTokenToServer(idToken: idToken, endpoint: .authLink)
  } catch {
     print("Error retrieving Firebase ID token: \(error)")
 }

Here's an example sendIdTokenToServer

func sendIdTokenToServer(idToken: String, endpoint: Endpoint) async throws -> String {
        let networkManager = NetworkingManager.shared
        
        let session = URLSession.shared
        
        // Send the ID token to the 'authLink' endpoint
        let _: Void = try await networkManager.request(session: session, endpoint)
        
        
        // Retrieve access and refresh tokens from the 'auth' endpoint
        let tokens: AuthResponse = try await networkManager.request(session: session, .auth, type: AuthResponse.self)
        
        print("TOKENS: \(tokens)")
        
        // Save tokens securely in Keychain
        try saveTokensInKeychain(accessToken: tokens.data.accessToken, refreshToken: tokens.data.refreshToken, expiresIn: tokens.data.expires)
        
        return tokens.data.accessToken
    }

vamsii777 avatar Jun 19 '24 05:06 vamsii777