const admin = require("admin"); | |
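/**
 * Express middleware that authenticates a request with a Firebase ID token.
 *
 * Expects the header `Authorization: Bearer <Firebase ID Token>`. The token is
 * passed to `admin.auth().verifyIdToken()`; on success the decoded token is
 * stored on `req.user` and `next()` is called. Any failure ends the request
 * with `403 Unauthorized` and the same body, so a caller cannot tell a missing
 * token from an invalid one.
 *
 * @param {object} req - Express request; `req.headers.authorization` is read.
 * @param {object} res - Express response, used only to send the 403.
 * @param {Function} next - Called with no arguments once the token is verified.
 * @returns {void}
 */
function getFirebaseUser(req, res, next) {
  const BEARER_PREFIX = "Bearer ";
  console.log("Check if request is authorized with Firebase ID token");

  // Take everything after the scheme prefix instead of splitting on
  // "Bearer ": a split would hand back an empty string whenever the token
  // text itself contained the prefix again.
  const authorization = req.headers.authorization;
  const idToken =
    typeof authorization === "string" && authorization.startsWith(BEARER_PREFIX)
      ? authorization.slice(BEARER_PREFIX.length).trim()
      : "";

  // An absent header, a different scheme and an empty token are all refused
  // here, before the verifier is called.
  if (idToken === "") {
    console.error(
      "No Firebase ID token was passed as a Bearer token in the Authorization header.",
      "Make sure you authorize your request by providing the following HTTP header:",
      "Authorization: Bearer <Firebase ID Token>"
    );
    // 403 is kept for compatibility with existing clients; 401 is the
    // conventional status for missing or invalid credentials.
    res.status(403).send("Unauthorized");
    return;
  }
  console.log("Found 'Authorization' header");

  // NOTE(review): verifyIdToken() does not check whether the token has been
  // revoked unless its second argument (checkRevoked) is true. Confirm that is
  // acceptable for the routes this middleware protects.
  admin
    .auth()
    .verifyIdToken(idToken)
    .then((decodedIdToken) => {
      // Log the uid only: the decoded token carries the user's claims
      // (typically e-mail and other profile data), which should not end up in
      // application logs.
      console.log("ID Token correctly decoded for uid:", decodedIdToken.uid);
      req.user = decodedIdToken;
      next();
    })
    .catch((error) => {
      console.error("Error while verifying Firebase ID token:", error);
      res.status(403).send("Unauthorized");
    });
}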