NodeJS verifying Firebase auth tokens

JavaScript

Recipe written for the latest version of the Firebase Admin SDK when it was created: "firebase-admin": "^5.2.1". References: https://firebase.google.com/docs/auth/web/google-signin , https://firebase.google.com/docs/admin/setup , https://firebase.google.com/docs/auth/admin/verify-id-tokens

/*
    1. Create a single, shared Firebase Admin app instance
    lib/firebase/app_reference.js
*/
const admin = require("firebase-admin");
const environment = require('epa').getEnvironment();

// The service-account key comes from the environment configuration instead of
// being written into this file. It carries Admin SDK privileges, so it belongs
// in protected configuration and never in source control.
const serviceAccount = environment.get('firebaseServiceAccount');

const firebaseOptions = {
    credential: admin.credential.cert(serviceAccount),
    databaseURL: "https://code-recipes.firebaseio.com",
};
const app = admin.initializeApp(firebaseOptions);

// Only the app name is logged; the credential itself is never printed.
console.log('== Firebase Admin Connected ==', app.name);

// Other modules require this file to share the one initialised app.
module.exports = app;


/*
    2. Router logic: read the ID token from the POST request body and
       validate it with Firebase.
    POST /auth/login/
    routes/auth.js
*/
const express = require('express');
const router = express.Router();
const UserModel = require('../lib/user_model');
// `admin` and `epa` are loaded here but not referenced by the handlers in this file.
const admin = require("firebase-admin");
// Shared Admin app from step 1; token verification goes through this instance.
const firebaseApp = require('../lib/firebase/app_reference');
const epa = require('epa').getEnvironment();

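/**
 * Looks up the user that belongs to a verified Firebase ID token and sends it
 * as the response.
 *
 * This function writes the HTTP response itself, so the caller must not have
 * sent one already.
 *
 * @param {object} req - Express request (not read here).
 * @param {object} res - Express response; receives the user record when found.
 * @param {Function} next - Express error callback; receives lookup errors.
 * @param {object} decodedToken - Claims returned by verifyIdToken.
 */
const checkIfUserIsOnDatabase = (req, res, next, decodedToken) => {
    console.log('checking on database...');
    if (!decodedToken) {
        return;
    }
    // NOTE(review): the account is keyed on the token's `email` claim. Confirm
    // that every enabled sign-in provider supplies a verified e-mail address
    // (the decoded token also carries `email_verified` and the stable `uid`)
    // before treating this value as the account identity.
    UserModel.findByEmail(decodedToken.email, (error, user) => {
        if (error) {
            // Stop here: without the return, a lookup that reports an error
            // would fall through and could also try to send a response.
            return next(error);
        }
        if (user) {
            return res.send(user);
        }
        // Create User Object
        // ...
        // res.send(user);
    });
}
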
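/**
 * POST /login/ handler: verifies the Firebase ID token sent in the request body.
 *
 * Responds 401 when the token is missing or Firebase rejects it. After a
 * successful verification the response is left to checkIfUserIsOnDatabase,
 * which sends the user record (its create-user branch has to respond as well).
 *
 * @param {object} req - Express request; the token is read from req.body.token.
 * @param {object} res - Express response.
 * @param {Function} next - Express error callback for unexpected failures.
 */
const authenticateUser = (req, res, next) => {
    const idToken = req.body && req.body.token;

    // Reject a missing or non-string token up front instead of handing it to the SDK.
    if (typeof idToken !== 'string' || idToken.length === 0) {
        res.sendStatus(401);
        return;
    }

    // The ID token is a bearer credential: log the event, never the token itself.
    console.log('verifying token');
    firebaseApp.auth().verifyIdToken(idToken)
        .then(function (decodedToken) {
            console.log('token verified');
            // No status is sent here. checkIfUserIsOnDatabase writes the
            // response, and a second write on the same response would fail.
            checkIfUserIsOnDatabase(req, res, next, decodedToken);
        }, function (error) {
            // Keep a trace of failed verifications for monitoring; the error
            // code is enough and does not expose the submitted token.
            console.log('token verification failed:', error && error.code);
            res.sendStatus(401);
        })
        // Anything thrown after verification is a server-side fault, not an
        // authentication failure, so it goes to the Express error handler.
        .catch(next);
};
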
/**
 * PUT /logout/ handler.
 *
 * Placeholder: the recipe does not include the logout logic. As written the
 * handler neither sends a response nor calls next, so a request to this route
 * stays pending until the body is filled in.
 *
 * @param {object} req - Express request.
 * @param {object} res - Express response.
 * @param {Function} next - Express continuation callback.
 */
const logoutUser = (req, res, next) => {
    // ...
};

// Route table for this router. /login/ is reachable without a session and
// relies entirely on the ID token check performed in authenticateUser.
router.route('/login/').post(authenticateUser);
router.route('/logout/').put(logoutUser);

// Export the configured router so the application can mount it.
module.exports = router;

Created on 9/11/2017