This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
function isSessionValid() { | |
return (request.auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > request.time.toMillis(); | |
} | |
allow read: if isSessionValid(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
allow read: if (request.auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > request.time.toMillis(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
allow read: if request.auth.token.expiresAt > request.time.toMillis(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
".read": "(auth.token.auth_time + (60 * 60 * 24 * 30)) * 1000 > now" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
".read": "auth.token.expiresAt > now" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
admin.auth().createCustomToken(uid, { | |
// Add a custom claim indicating an expiration time of 30 days. | |
expiresAt: Date.now() + (1000 * 60 * 60 * 24 * 30), | |
}) | |
.then((customToken) => { | |
// Send token back to client for authentication... | |
}) | |
.catch((error) => { | |
console.log("Failed to create custom token:", error); | |
}); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const auth = admin.auth(); | |
auth.onAuthStateChanged((user) => { | |
let sessionTimeout = null; | |
if (user === null) { | |
// User is logged out. | |
// Clear the session timeout. | |
sessionTimeout && clearTimeout(sessionTimeout); | |
sessionTimeout = null; | |
} else { | |
// User is logged in. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Token Type | Lifetime | Usage | Generated By | Format | |
---|---|---|---|---|---|
Custom Token | 1 hour | Authenticate Firebase client SDKs | You, via Firebase Admin SDK | JWT | |
ID Token | 1 hour | Authenticate to Firebase services; validate server requests | Firebase | JWT | |
Refresh Token | Long-lived (~1 year) | Generate fresh ID tokens | Firebase | OAuth 2.0 refresh token | |
OAuth Access Token | Varies by provider | Authenticate to third-party identity provider APIs | Third-party identity providers | Varies by provider |