在 firebase 云函数中使用 express `app.get()` 访问文件

Question

I try to use Firebase Hosting in combination with Firebase Functions, so that only users with a valid Firebase token can access the.html-content.

I am able to send the token within my iOS-App when accessing Firebase Hosting, and my Cloud Function gets called and decodes the token sucessfully (I see 'ID Token correctly decoded' inside my Firebase Function-log).

Afterwards the index.html should be opened, which i have inside a subfolder (/myhomepage) of my /functions folder (so not inside "/public").

I always get the error inside my App-Browser: "Cannot GET /"

The Firebase-Functions-Log says: "Function execution took 1654 ms, finished with status code: 404"

The code inside index.js:

const admin = require("firebase-admin");
const functions = require('firebase-functions');
const express = require('express');
const cookieParser = require('cookie-parser')();
const cors = require('cors')({origin: true});
const app = express();

admin.initializeApp();

let db = admin.firestore();

// Express middleware that validates Firebase ID Tokens passed in the Authorization HTTP header.
// The Firebase ID token needs to be passed as a Bearer token in the Authorization HTTP header like this:
// `Authorization: Bearer <Firebase ID Token>`.
// when decoded successfully, the ID Token content will be added as `req.user`.
const validateFirebaseIdToken = async (req, res, next) => {
  functions.logger.log('Check if request is authorized with Firebase ID token');

  if ((!req.headers.authorization || !req.headers.authorization.startsWith('Bearer ')) &&
      !(req.cookies && req.cookies.__session)) {
    functions.logger.error(
      'No Firebase ID token was passed as a Bearer token in the Authorization header.',
      'Make sure you authorize your request by providing the following HTTP header:',
      'Authorization: Bearer <Firebase ID Token>',
      'or by passing a "__session" cookie.'
    );
    res.status(403).send('Unauthorized');
    return;
  }

  let idToken;
  if (req.headers.authorization && req.headers.authorization.startsWith('Bearer ')) {
    functions.logger.log('Found "Authorization" header');
    // Read the ID Token from the Authorization header.
    idToken = req.headers.authorization.split('Bearer ')[1];
  } else if(req.cookies) {
    functions.logger.log('Found "__session" cookie');
    // Read the ID Token from cookie.
    idToken = req.cookies.__session;
  } else {
    // No cookie
    res.status(403).send('Unauthorized');
    return;
  }

  try {
    const decodedIdToken = await admin.auth().verifyIdToken(idToken);
    functions.logger.log('ID Token correctly decoded', decodedIdToken);
    req.user = decodedIdToken;
    next();
    return;
  } catch (error) {
    functions.logger.error('Error while verifying Firebase ID token:', error);
    res.status(403).send('Unauthorized');
    return;
  }
};

app.use(cors);
app.use(cookieParser);
app.use(validateFirebaseIdToken);
app.get('/myhomepage', (req, res) => { // <-- The problem seems to be here
    functions.logger.log('Calling get.'); // This line does not get called in my log.
    res.status(200).sendFile('/index.html');
});

exports.myfunction = functions.https.onRequest(app);

How do I access content inside "/functions/myhomepage" after the token was successfully decoded?

Answer 1

Normally you can end only an HTTP function with send() , redirect() , or end() , see the doc .

I've never tried, but I don't think using sendFile() would work. If you want to redirect the user to a static page available through Firebase Hosting, you should use redirect() . The other possibility is to pass an HTML string to the send() method, see here .