An Interest In:
Web News this Week
- April 18, 2024
- April 17, 2024
- April 16, 2024
- April 15, 2024
- April 14, 2024
- April 13, 2024
- April 12, 2024
Firebase Auth | Understanding The Auth
NOTE: This blog post assumes that you are at-least familiar with setting up firebase SDK
If you don't I'd recommend reading my blog on firebase firestore first
If you've built an application, you've probably had to deal with authentication and authorization
Contrary to Popular Beliefauthentication !== authorization
Difference Between Authentication and Authorization
The School has a Principal
He Decides
- If a Student Joins the School
- If a Student Gets Debarred
- If a Student Gets Promoted (Despite Failing Tests)
- If a Student Gets Demoted...
The School also has a Security Guard
He Decides
- If/When a Person can Enter the Campus
- If/When a Person can Leave the Campus...
Now as an AnalogyAuthentication: Principal
Authorization: Security Guard
Authentication
What is Authentication
The Process of Verifying the Identity of a User
Steps in Authentication
- Creating An Account
- Verifying An Account Email Address
- Login/Sign-In
- Password Recovery
- Sign Out
Firebase Authentication
1. Creating An Account
firebase.auth().createUserWithEmailAndPassword( email, password);
NOTE: You Receive a Promise from any Function from Firebase
2. SignOut
firebase.auth().signOut()
NOTE: Firebase removes the token stored on the client's localStorage (indexdb to be precise). It'll talk about it in detail in
Authorization
3. Login
firebase.auth().signInWithEmailAndPassword( email, password)
4. Verifying An Account Email
// sends a pre-templated message to a specified email addressfirebase.auth().sendEmailVerification( email,);
5. Password Recovery
firebase.auth().sendPasswordResetEmail( email);
Authorization
What is Authorization
The Process of Controlling Access to an Asset
How Does Firebase Authorize
- When Ever A User's Auth State Changes
- It Updates A User Token> Very Similar To JWT but not restricted to web application
- If A Valid User Token is Present, A User is allowed to Access the Resource
Accessing User Token / Checking Auth State
firebase.auth().onAuthStateChanged((user) => { if (user) { // User is signed in, see docs for a list of available properties // https://firebase.google.com/docs/reference/js/firebase.User var uid = user.uid; }});
Original Link: https://dev.to/lucidmach/firebase-auth-understanding-the-auth-17go
Dev To
An online community for sharing and discovering great ideas, having debates, and making friendsMore About this Source Visit Dev To