首頁猿問 Firebase 身份驗證 -...

Firebase 身份驗證 - 設置會話過期

JavaScript

飲歌長嘯 2021-11-18 16:34:04

如何為 Firebase 身份驗證會話設置會話過期時間？默認情況下，會話永不過期。我希望會話在 8 小時不活動后到期。我已閱讀文檔，但無法弄清楚如何設置會話到期時間。我用于登錄用戶并在登錄和注銷時執行任務的代碼firebase.auth().signInWithEmailAndPassword(data.email, data.password)firebase.auth().onAuthStateChanged((user) => { if (user) { //Signed in }else{ //Signed out }}感謝所有回復！我試過但似乎無法讓 Firebase-admin 工作。Firebase-db.jsconst admin = require('firebase-admin')const databaseConnection = { serviceAccountFile: './serviceAccount.json', databaseURL: 'https://myProject.firebaseio.com/'}const serviceAccount = require(databaseConnection.serviceAccountFile)const app = admin.initializeApp({ credential: admin.credential.cert(serviceAccount), databaseURL: databaseConnection.databaseURL}, 'test')const database = admin.database(app)module.exports = databasesessionSignout.jsconst functions = require('firebase-functions') const database = require('../../firebase-db')const admin = database.adminexports.sessionSignout = functions.region('europe-west1').pubsub.schedule('*/15 * * * *').timeZone('Europe/Stockholm').onRun(async (event) => { database.ref(`users`) .once('value', (usersSnapshots) => { usersSnapshots.forEach((snapshot) => { const uid = snapshot.key admin.auth().revokeRefreshTokens(uid) }) })}我得到錯誤錯誤：函數執行失敗。詳細信息：無法讀取未定義的屬性“auth”

查看完整描述

2 回答

互換的青春

TA貢獻1797條經驗獲得超6個贊

您鏈接的文檔說您可以使用 Firebase Admin SDK撤銷用戶的刷新令牌以終止他們的會話。此代碼必須在您控制的后端上運行，這意味著您將無法在客戶端應用程序中執行此操作。無論您選擇什么定義，后端都需要知道用戶何時變得“不活動”。將這一切連接起來并非易事，但卻是可能的。

反對回復 2021-11-18

料青山看我應如是

TA貢獻1772條經驗獲得超8個贊

我只是想分享我的代碼供其他人使用。

我已經有了代碼來適應存在意識。

索引.js

import database from './firebase/firebase' //Firebase setup for client

firebase.auth().onAuthStateChanged((user) => {

//Handle login and redirect

if (user) {

//We are logged in

addPresenceAwarenessListener()

}else{

...

}

const addPresenceAwarenessListener = () => {

// Create a reference to the special '.info/connected' path in

// Realtime Database. This path returns `true` when connected

// and `false` when disconnected.

database.ref('.info/connected').on('value', (snapshot) => {

// If we're not currently connected, don't do anything.

if (snapshot.val() == false) {

return

}

const uid = firebase.auth().currentUser.uid

//Push last login/logout to user profile

const userLastLoginOutRef = database.ref(`users/${uid}`)

userLastLoginOutRef.onDisconnect().update({lastLoginOut: firebase.database.ServerValue.TIMESTAMP})

.then(() => { userLastLoginOutRef.update({lastLoginOut: firebase.database.ServerValue.TIMESTAMP}) })

})

}

會話處理 - 在n小時后過期會話（在數據庫中設置“sessExp”）

firebase-db.js - 云功能的基本 Firebase 設置

const admin = require('firebase-admin')

const databaseConnection = {

serviceAccountFile: './my-project.json',

databaseURL: 'https://my-project.firebaseio.com/'

}

const serviceAccount = require(databaseConnection.serviceAccountFile)

const app = admin.initializeApp({

credential: admin.credential.cert(serviceAccount),

databaseURL: databaseConnection.databaseURL

}, 'remindMiNotifier')

const database = admin.database(app)

module.exports = database

sessionSignout.js - 在特定時間段后注銷用戶 - 如果指定。默認為永久會話。

const functions = require('firebase-functions')

const moment = require('moment')

const database = require('../../firebase-db')

const admin = database.app

//Import enviroment variable config (.env)

require('dotenv').config()

//Export cron job - deploy: firebase deploy --only functions:sessionSignout

exports.sessionSignout = functions

.region('europe-west1')

.pubsub

.schedule('*/15 * * * *')

.timeZone('Europe/Stockholm')

.onRun(async (event) => {

//Start execution

const now = moment()

const defaultSessionTime = 0 //Eternal session

//Get all users and calculate inactive time - time since last login

let logoutUsersArray = []

await database.ref(`users`)

.once('value', (usersSnapshots) => {

usersSnapshots.forEach((snapshot) => {

const userData = snapshot.val()

const lastLoginOut = (userData.lastLoginOut) ? userData.lastLoginOut : 0

//Only process users that has a login/out time stamp

if(lastLoginOut > 0){

const userSessionTime = (userData.sessExp) ? userData.sessExp : defaultSessionTime

const hoursSinceLastLoginOut = now.diff(lastLoginOut, 'hours')

const logoutUser = ( userSessionTime > 0 && (hoursSinceLastLoginOut > userSessionTime) )

if(logoutUser){

const userId = snapshot.key

const userName = (userData.alias) ? userData.alias : userData.displayName

const email = (userData.email) ? userData.email : ''

const userObject = {

userId,

userName,

email,

lastLoginOut,

diffHours: now.diff(lastLoginOut, 'hours')

}

logoutUsersArray.push(userObject)

}

})

console.log('logoutUsersArray', logoutUsersArray)

//Collect all promises to carry out

let myPromises = []

// Revoke all refresh tokens for each user

logoutUsersArray.forEach((logoutUser) => {

const uid = logoutUser.userId

myPromises.push(

admin.auth().revokeRefreshTokens(uid)

.then(() => {

return admin.auth().getUser(uid)

})

.then((userRecord) => {

return new Date(userRecord.tokensValidAfterTime).getTime() / 1000

})

.then((timestamp) => {

// Retrieve the timestamp of the revocation, in seconds since the epoch.

console.log('Tokens revoked at: ', timestamp)

return Promise.resolve(true)

})

.catch((err) => {

console.error('Error', err)

return Promise.reject(err)

})

)

})

//Execute promises

console.log('Execute promises')

return Promise.all(myPromises)

.then(() => Promise.resolve(true))

.catch((err) => {

console.error('Error', err)

return Promise.reject(err)

})

})//End sessionSignout

反對回復 2021-11-18

2 回答
0 關注
253 瀏覽

關注

添加回答

舉報

0/150

提交

取消

亚洲在线久爱草,狠狠天天香蕉网,天天搞日日干久草,伊人亚洲日本欧美

熱搜

最近搜索清空

Firebase 身份驗證 - 設置會話過期

Firebase 身份驗證 - 設置會話過期

2 回答

添加回答