Jacob Wenger jwngr

## rules.js
function isSessionValid() {
  return (request.auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > request.time.toMillis();
}

allow read: if isSessionValid();

## rules.json
allow read: if (request.auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > request.time.toMillis();

## rules.json
allow read: if request.auth.token.expiresAt > request.time.toMillis();

## rules.json
".read": "(auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > now"

## rules.json
".read": "auth.token.expiresAt > now"

## server.js
admin.auth().createCustomToken(uid, {
  // Add a custom claim indicating an expiration time of 30 days.
  expiresAt: Date.now() + (1000 * 60 * 60 * 24 * 30),
})
  .then((customToken) => {
    // Send token back to client for authentication...
  })
  .catch((error) => {
    console.log("Failed to create custom token:", error);
  });

## client.js
const auth = admin.auth();
auth.onAuthStateChanged((user) => {
  let sessionTimeout = null;
  if (user === null) {
    // User is logged out.
    // Clear the session timeout.
    sessionTimeout && clearTimeout(sessionTimeout);
    sessionTimeout = null;
  } else {
    // User is logged in.

## firebase-auth-tokens.tsv

          
            Token Type
            Lifetime
            Usage
            Generated By
            Format

            
              Custom Token
              1 hour
              Authenticate Firebase client SDKs
              You, via Firebase Admin SDK
              JWT

            
              ID Token
              1 hour
              Authenticate to Firebase services; validate server requests
              Firebase
              JWT

            
              Refresh Token
              Long-lived (~1 year)
              Generate fresh ID tokens
              Firebase
              OAuth 2.0 refresh token

            
              OAuth Access Token
              Varies by provider
              Authenticate to third-party identity provider APIs
              Third-party identity providers
              Varies by provider
	function isSessionValid() {
	return (request.auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > request.time.toMillis();
	}

	allow read: if isSessionValid();
	admin.auth().createCustomToken(uid, {
	// Add a custom claim indicating an expiration time of 30 days.
	expiresAt: Date.now() + (1000 * 60 * 60 * 24 * 30),
	})
	.then((customToken) => {
	// Send token back to client for authentication...
	})
	.catch((error) => {
	console.log("Failed to create custom token:", error);
	});
	const auth = admin.auth();
	auth.onAuthStateChanged((user) => {
	let sessionTimeout = null;
	if (user === null) {
	// User is logged out.
	// Clear the session timeout.
	sessionTimeout && clearTimeout(sessionTimeout);
	sessionTimeout = null;
	} else {
	// User is logged in.
Token Type	Lifetime	Usage	Generated By	Format
Custom Token	1 hour	Authenticate Firebase client SDKs	You, via Firebase Admin SDK	JWT
ID Token	1 hour	Authenticate to Firebase services; validate server requests	Firebase	JWT
Refresh Token	Long-lived (~1 year)	Generate fresh ID tokens	Firebase	OAuth 2.0 refresh token
OAuth Access Token	Varies by provider	Authenticate to third-party identity provider APIs	Third-party identity providers	Varies by provider