Firebase 身份验证 - 设置会话过期
如何为 Firebase 身份验证会话设置会话过期时间?默认情况下,会话永不过期。
我希望会话在 8 小时不活动后到期。
我已阅读文档,但无法弄清楚如何设置会话到期时间。
我用于登录用户并在登录和注销时执行任务的代码
firebase.auth().signInWithEmailAndPassword(data.email, data.password)
firebase.auth().onAuthStateChanged((user) => {
if (user) {
//Signed in
}else{
//Signed out
}
}
感谢所有回复!我试过但似乎无法让 Firebase-admin 工作。
Firebase-db.js
const admin = require('firebase-admin')
const databaseConnection = {
serviceAccountFile: './serviceAccount.json',
databaseURL: 'https://myProject.firebaseio.com/'
}
const serviceAccount = require(databaseConnection.serviceAccountFile)
const app = admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
databaseURL: databaseConnection.databaseURL
}, 'test')
const database = admin.database(app)
module.exports = database
sessionSignout.js
const functions = require('firebase-functions')
const database = require('../../firebase-db')
const admin = database.admin
exports.sessionSignout = functions
.region('europe-west1')
.pubsub
.schedule('*/15 * * * *')
.timeZone('Europe/Stockholm')
.onRun(async (event) => {
database.ref(`users`)
.once('value', (usersSnapshots) => {
usersSnapshots.forEach((snapshot) => {
const uid = snapshot.key
admin.auth().revokeRefreshTokens(uid)
})
})
}
我得到错误
错误:函数执行失败。详细信息:无法读取未定义的属性“auth”
饮歌长啸浏览 217回答 2
2回答
-
互换的青春
您链接的文档说您可以使用 Firebase Admin SDK撤销用户的刷新令牌以终止他们的会话。此代码必须在您控制的后端上运行,这意味着您将无法在客户端应用程序中执行此操作。无论您选择什么定义,后端都需要知道用户何时变得“不活动”。将这一切连接起来并非易事,但却是可能的。 -
料青山看我应如是
我只是想分享我的代码供其他人使用。我已经有了代码来适应存在意识。索引.jsimport database from './firebase/firebase' //Firebase setup for clientfirebase.auth().onAuthStateChanged((user) => { //Handle login and redirect if (user) { //We are logged in addPresenceAwarenessListener() }else{ ... }}const addPresenceAwarenessListener = () => { // Create a reference to the special '.info/connected' path in // Realtime Database. This path returns `true` when connected // and `false` when disconnected. database.ref('.info/connected').on('value', (snapshot) => { // If we're not currently connected, don't do anything. if (snapshot.val() == false) { return } const uid = firebase.auth().currentUser.uid //Push last login/logout to user profile const userLastLoginOutRef = database.ref(`users/${uid}`) userLastLoginOutRef.onDisconnect().update({lastLoginOut: firebase.database.ServerValue.TIMESTAMP}) .then(() => { userLastLoginOutRef.update({lastLoginOut: firebase.database.ServerValue.TIMESTAMP}) }) })}会话处理 - 在n小时后过期会话(在数据库中设置“sessExp”)firebase-db.js - 云功能的基本 Firebase 设置const admin = require('firebase-admin')const databaseConnection = { serviceAccountFile: './my-project.json', databaseURL: 'https://my-project.firebaseio.com/'}const serviceAccount = require(databaseConnection.serviceAccountFile)const app = admin.initializeApp({ credential: admin.credential.cert(serviceAccount), databaseURL: databaseConnection.databaseURL}, 'remindMiNotifier')const database = admin.database(app)module.exports = databasesessionSignout.js - 在特定时间段后注销用户 - 如果指定。默认为永久会话。const functions = require('firebase-functions')const moment = require('moment')const database = require('../../firebase-db')const admin = database.app//Import enviroment variable config (.env)require('dotenv').config()//Export cron job - deploy: firebase deploy --only functions:sessionSignoutexports.sessionSignout = functions.region('europe-west1').pubsub.schedule('*/15 * * * *').timeZone('Europe/Stockholm').onRun(async (event) => { //Start execution const now = moment() const defaultSessionTime = 0 //Eternal session //Get all users and calculate inactive time - time since last login let logoutUsersArray = [] await database.ref(`users`) .once('value', (usersSnapshots) => { usersSnapshots.forEach((snapshot) => { const userData = snapshot.val() const lastLoginOut = (userData.lastLoginOut) ? userData.lastLoginOut : 0 //Only process users that has a login/out time stamp if(lastLoginOut > 0){ const userSessionTime = (userData.sessExp) ? userData.sessExp : defaultSessionTime const hoursSinceLastLoginOut = now.diff(lastLoginOut, 'hours') const logoutUser = ( userSessionTime > 0 && (hoursSinceLastLoginOut > userSessionTime) ) if(logoutUser){ const userId = snapshot.key const userName = (userData.alias) ? userData.alias : userData.displayName const email = (userData.email) ? userData.email : '' const userObject = { userId, userName, email, lastLoginOut, diffHours: now.diff(lastLoginOut, 'hours') } logoutUsersArray.push(userObject) } } }) }) console.log('logoutUsersArray', logoutUsersArray) //Collect all promises to carry out let myPromises = [] // Revoke all refresh tokens for each user logoutUsersArray.forEach((logoutUser) => { const uid = logoutUser.userId myPromises.push( admin.auth().revokeRefreshTokens(uid) .then(() => { return admin.auth().getUser(uid) }) .then((userRecord) => { return new Date(userRecord.tokensValidAfterTime).getTime() / 1000 }) .then((timestamp) => { // Retrieve the timestamp of the revocation, in seconds since the epoch. console.log('Tokens revoked at: ', timestamp) return Promise.resolve(true) }) .catch((err) => { console.error('Error', err) return Promise.reject(err) }) ) }) //Execute promises console.log('Execute promises') return Promise.all(myPromises) .then(() => Promise.resolve(true)) .catch((err) => { console.error('Error', err) return Promise.reject(err) })})//End sessionSignout
随时随地看视频慕课网APP
相关分类
JavaScript