Reputation: 1724
Passing Firebase Auth Token via SSL to App server
I have some rather heavy/complicated logic that needs to reside on an app server.
The client would request the app server to perform some tasks on firebase data.
Is it safe to pass the user.firebaseauthToken via SSL (in a POST, not url encode) to the app server, where the server could simply use the token for authentication?
Upvotes: 1
Views: 771
Answers (1)
Reputation: 6787
The Auth Token you get from Firebase Simple Login is already being passed over SSL from Firebase to your client - so for you to pass it to your app server over SSL really isn't any different.
One thing you might also consider is eliminating the need to POST anything to your app server. You can setup a worker node that takes advantage of Firebase's real-time data sync to listen for changes to your user's data, and execute whatever processing it needs to when it detects a certain change/state.
Upvotes: 5
Related Questions
- How to share token between Firebase and server?
- Security issue with verifying firebase token on server side?
- How to pass Firebase Auth Token from client to server?
- How to send firebase auth tokens to backend server?
- How do I send Firebase token to backend (Node / Express) via HTTPS
- Can I handle user authentication with Firebase, but then securely pass authentication information to the server?
- Using firebase jwt to authenticate users to external server\service?
- Using Firebase for server side authentication
- Authenticating servers using Firebase app secret
- Firebase authentication using token