Reputation: 1461
Should I try not to save Firebase Auth on LocalStorage
While preparing my web app for production I am noticing that Firebase saves a lot of users's data once they sign up/register to my app and these data is save on localStorage.
What is my concern is auto generated uid, I don't want users to be able to know their own uid and I don't want that piece of data to be saved on localStorage.
So I have two questions, should I concern about this ? since I do not have so much experience with authentication in general and I am afraid someone could do something...
Is there any way to remove the localStorage and firebase auth to work correctly ?
Cheers
Upvotes: 3
Views: 2452
Answers (2)
Reputation: 30818
Do not rely on uid to identify an authenticated user. You should only use the ID token JWT for current user, by calling currentUser.getIdToken() and if you are using your own backend server, verify the ID token using the Firebase Admin SDKs by calling verifyIdToken. Learn more about ID tokens: https://firebase.google.com/docs/auth/admin/verify-id-tokens
Upvotes: 1
Reputation: 2432
No , Because firebase auth is part of authentication with server database. if your trying to do like this then your application will not be able to signup or login.
Upvotes: 0
Related Questions
- Firebase: How to persist auth state?
- ReactJs with Firebase, do I need to store user credentials/token in a local storage?
- When to set Firebase auth state persistence
- Is it safe to store firebase user credential token on local or session storage?
- How to Store Credentials to Local Storage to Allow Firebase Auth to Sign-in
- Firebase authentication persistence
- Does firebase use local storage to persist auth state by default?
- Firebase - keep user signed in while localStorage object is valid
- Firebase and ReactJS - Authentication Using Local Storage
- is it acceptable to store user password in localstore