[英]Python Firebase authentication
So I am trying to obtain some data from Firebase, which ofcourse has some rules/security constraints defined. 所以我试图从Firebase获取一些数据,其中有一些规则/安全约束被定义。 I can authenticate my user from the Login & Auth tab, and I'd like to get data from firebase, however my user is still not authenticated. 我可以从Login&Auth选项卡验证我的用户,并且我想从firebase获取数据,但我的用户仍然没有经过身份验证。
user = ref.authenticate(email, password)
, which returns the following for user
user = ref.authenticate(email, password)
,为user
返回以下内容
{
u'token':{some long token here}',
u'user':{
u'uid':u'ef44b781-8842-4f28-abf0-2ac9aa0b2bea',
u'provider':u'password',
u'email':u'user@email.com',
u'isTemporaryPassword':False,
u'sessionKey':u'{session key here}}',
u'md5_hash':u'{md5_hash here}}',
u'id':u'ef44b781-8842-4f28-abf0-2ac9aa0b2bea'
}
}
Now that I know the user is authenticated (otherwise it returns something along the lines of an error, I would like to do a simple GET conversations = firebase.get(FIREBASE_NAME + '/conversations/' + me)
, where 'me' is the user['user']['uid']
现在我知道用户已经过身份验证(否则它会返回错误的内容,我想做一个简单的GET conversations = firebase.get(FIREBASE_NAME + '/conversations/' + me)
,其中'我'是user['user']['uid']
I have the following structure for conversations
: 我有以下conversations
结构:
conversations/my-uid/other-uid/{data}
I would think my user is authenticated, still it returns a PermissionDenied 我认为我的用户已经过身份验证,但仍返回PermissionDenied
EDIT Solved this by using a different library you can find here . 编辑通过使用您可以在此处找到的不同库解决此问题 。 The initial library I used did not support authentication, while this one does. 我使用的初始库不支持身份验证,而这个。 The way it was solved, was by implementing some functions from the other one and sending my token as follow: FIREBASE.child('/messages/').get(token=token)
解决方法是通过实现另一个函数并发送我的令牌如下: FIREBASE.child('/messages/').get(token=token)
You should not send passwords in the URL, you can do this way: 您不应该在URL中发送密码,您可以这样做:
__FIREBASE_USER_VERIFY_SERVICE = "https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword"
__FIREBASE_API_KEY = __your_api_key_here__
def user_login(email, passwd):
url = "%s?key=%s" % (__FIREBASE_USER_VERIFY_SERVICE, __FIREBASE_API_KEY)
data = {"email": email,
"password": passwd,
"returnSecureToken": True}
result = requests.post(url, json=data)
is_login_successful = result.ok
json_result = result.json()
return json_result # authToken=> json_result['idToken']
If successful, it will result like: 如果成功,结果如下:
{
"displayName": "",
"email": "your_users_email@example.com",
"expiresIn": "3600",
"idToken": "abc123...",
"kind": "identitytoolkit#VerifyPasswordResponse",
"localId": "UWQ...x2",
"refreshToken": "def098...",
"registered": true
}
If fails (wrong password etc) : 如果失败(密码错误等):
{
"error": {
"code": 400,
"errors": [
{
"domain": "global",
"message": "INVALID_PASSWORD",
"reason": "invalid"
}
],
"message": "INVALID_PASSWORD"
}
}
or may be 或者可能
{
"error": {
"code": 400,
"errors": [
{
"domain": "global",
"message": "MISSING_PASSWORD",
"reason": "invalid"
}
],
"message": "MISSING_PASSWORD"
}
}
Solved this by using a different library you can find here . 通过使用您可以在这里找到的不同库解决了这个问题 。 The initial library I used did not support authentication, while this one does. 我使用的初始库不支持身份验证,而这个。 The way it was solved, was by implementing some functions from the other one and authenticate as follows: 解决方法是通过实现另一个函数的一些功能并进行如下验证:
def auth_with_password(self, email, password):
request_ref = 'https://auth.firebase.com/auth/firebase?firebase={0}&email={1}&password={2}'.\
format(self.fire_base_name, email, password)
request_object = self.requests.get(request_ref)
return request_object.json()
Then to make an authorized call, do this 然后进行授权呼叫,执行此操作
user = auth_with_password(email, password)
token = user['user']['token']
FIREBASE.child('/messages/').get(token=token)
Make sure your token is correct. 确保您的令牌是正确的。 The library supports this, but otherwise I would suggest that you use Firebase token generator for Python 该库支持此功能,但我建议您使用Firebase令牌生成器进行Python
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.