如何在启用身份验证的情况下将 reactJS 应用程序与 Google Cloud Functions 和 Cloud Run 集成?
[英]How to integrate reactJS app with Google Cloud Functions and Cloud Run with authentication enabled?
问题描述
I'm developing a reactJS app that will run in browser.
我正在开发一个将在浏览器中运行的 reactJS 应用程序。 I want to make request from that app to services deployed in Google Cloud Run and Google Cloud Functions, both with authentication enabled, but I don't know how to authenticate requests.我想从该应用程序向部署在 Google Cloud Run 和 Google Cloud Functions 中的服务发出请求,两者都启用了身份验证,但我不知道如何对请求进行身份验证。
I have a Service Account credentials with permissions to invoke those services but I cannot use default credentials due to reactJS environment variables names and I cannot use the NodeJS Google Cloud SDK.我有一个有权调用这些服务的服务帐户凭据,但由于 reactJS 环境变量名称,我无法使用默认凭据,而且我无法使用 NodeJS Google Cloud SDK。
How can I authenticate request to Cloud Functions/Cloud Run from reactJS apps outside of Google Cloud?如何验证来自 Google Cloud 之外的 reactJS 应用程序对 Cloud Functions/Cloud Run 的请求?
1 个解决方案
解决方案1
2 已采纳 2022-03-01 22:02:24
You have to use client side authentication mechanism.您必须使用客户端身份验证机制。 Firebase Auth works very well, and you have the Google Cloud version name Google Identity Platform . Firebase Auth运行良好,并且您拥有 Google Cloud 版本名称Google Identity Platform 。
EDIT 1编辑 1
If your user aren't authenticated, you can't use authentication services.如果您的用户未通过身份验证,则无法使用身份验证服务。 You should want to limit the access, the cost, the abuse of your Cloud Functions and Cloud Run services.您应该希望限制对 Cloud Functions 和 Cloud Run 服务的访问、成本和滥用。 For that, you need to use an API Gateway , such as Google Cloud API Gateway, or a more entreprise grade with APIGee .为此,您需要使用API 网关,例如 Google Cloud API 网关,或者使用APIGee的更企业级。
You can also use a HTTPS Load Balancer in front of Cloud Functions or Cloud Run and activate Cloud Armor to prevent attacks on your service (but it's not a rate limit).您还可以在Cloud Functions 或 Cloud Run 前面使用HTTPS 负载均衡器并激活Cloud Armor以防止对您的服务的攻击(但这不是速率限制)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.