前后端访问相同的firebase用户

Question

I'm trying to understand how to continue a user session started client side in my backend server.

I'm using NextJS for my client app and go Gin for backend api calls.

I have some client code that allows a user to login using firebase auth:

import { getAuth, signInWithRedirect, GoogleAuthProvider } from 'firebase/auth'

export default function Login() {
  const provider = new GoogleAuthProvider()
  const auth = getAuth()

  return (
    <div>
      <ul>
        <li>
          <button onClick={() => signInWithRedirect(auth, provider)}>Sign In With Google</button>
        </li>
      </ul>
    </div>
  )
}

This is great and works with very little work on my part. Once a user clicks the button, and follows the login instructions, my client app understands who they are using the firebase libraries.

Now I want to make a request to my go gin backend as this current user. How can I continue the session in my backend code as the user who is logged in to my client app? Ideally I would be able to:

1. Log in the client app as user123 .
2. Make a request to my backend.
3. My backend understands that the request came from my client as user123 .
4. My backend makes some request to other firebase services as user123 like creating or updating a Firestore document.

I'm not sure how to go about doing #3. This seems like a common thing and I'm actively looking into what I need to do. I'll answer my own question if I can, but any advice is appreciated.

Answer 1

You'll want to pass the user's ID token from your client to the server, which can then verify the ID token and based on that determine whether the user is authorized.

But there's no way to then impersonate that user from your server in calls to Firebase. So you'll have to do the authorization checks for that yourself.