CODEWITHSUNDEEP
firebasefirebase-authentication
Moritz
Moritz

Reputation: 1125

How to persist firebase Authentication from firebase REST API

Signing in into my firebase app via REST https://firebase.google.com/docs/reference/rest/auth only returns tokens which expire after 1 hour (3600 seconds, according to the REST response). I don't see any way to change this.

Using firebase JS SDK, the authentication persists "forever", which is what I would like to achieve. However I do not want to include the JS SDK in my app, if there is a way around it (mostly because of its size (~700kb)).

Is there a way to obtain a persistent login from the official firebase REST api?

Upvotes: 2

Views: 877

Answers (2)

HumanCEO
HumanCEO

Reputation: 2571

You can make a persistent API key for Firestore REST API!

  1. Go to Google Coud Console Api & Services -> Credentials or open url https://console.cloud.google.com/apis/credentials?project=%your_project_id%
  2. Press + Create Credentials
  3. Choose API key
  4. Copy API key (you may want to restrict it's scope later) for use in request url

Now use this key with Rest API requests appending key= with api key to the end of url.

For example:

const G_CLOUD_KEY = %YOUR_OBTAINED_KEY%;
const url = `https://firestore.googleapis.com/v1/projects/${projectId}/databases/(default)/documents/${collectionId}/{documentId}?key=${G_CLOUD_KEY}`
        
const reponse = await fetch(url, {
 method: 'GET',
 headers: {
   'Content-Type': 'application/json'
    }
  })
.then(response => response.json())

Upvotes: 0

Renaud Tarnec
Renaud Tarnec

Reputation: 83191

Using firebase JS SDK, the authentication persists "forever"

This is because the JS SDK automatically takes in charge the action of getting a new user's Firebase ID token when the current one expires, by using the refresh token. See the doc.

So you need to implement this mechanism yourself when you work with the Firebase Auth REST API, by using the endpoint that allows exchanging a refresh token for an ID token.

For that you should use the refresh token you received the last time you logged in, e.g. by using the endpoint that signs in a user with email/password, or the last time you refreshed the ID token (see below).

You'll get a response which contains the new Firebase ID token and refresh token. Next time this new ID token expires, use again the refresh token, and so forth...

Upvotes: 4

Related Questions