Firebase token has an incorrect issuer claim

1l5u6lss, posted on 2023-02-25 in Other

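I'm trying to create a simple Flask application that will let me log in and out using Firebase, but I get this error.
Firebase ID token has incorrect "iss" (issuer) claim. Expected "https://securetoken.google.com/watering-web-app" but got "https://session.firebase.google.com/watering-web-app". Make sure the ID token comes from the same Firebase project as the service account used to authenticate this SDK. See https://firebase.google.com/docs/auth/admin/verify-id-tokens for details on how to retrieve an ID token.
Here is what the app.py file looks like, for reference.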

```python
from flask import Flask, render_template, request, redirect, url_for
import firebase_admin
import pyrebase
from firebase_admin import credentials, auth

app = Flask(__name__)

# Firebase configuration
config = {
    "apiKey": "<API_KEY>",
    "databaseURL": "<DB_URL>",
    "authDomain": "watering-web-app.firebaseapp.com",
    "projectId": "PROJECTID",
    "storageBucket": "BUCKET",
    "messagingSenderId": "ID",
    "appId": "APPID"
}

# Initialize Firebase app
firebase = pyrebase.initialize_app(config)
cred = credentials.Certificate('firebase-credentials.json')
firebaseAdmin = firebase_admin.initialize_app(cred)

# Get a reference to the Firebase Authentication service
regAuth = firebase.auth()

# Home page
@app.route("/")
def home():
    # Read the 'token' cookie set by login(); it holds a session cookie, not an ID token.
    id_token = request.cookies.get('token')
    if id_token:
        try:
            # Verify the ID token and get the user's information.
            try:
                # This is the call that raises the "iss" error shown above.
                decoded_token = auth.verify_id_token(id_token)
                print(decoded_token)
                user_info = {
                    'uid': decoded_token['uid'],
                    'email': decoded_token.get('email', None),
                    #'name': decoded_token.get('name', None)
                }
                return render_template('home.html', user=user_info)
            except Exception as e:
                # This broad handler catches every exception, so the error is
                # printed here and the outer handler below is never reached.
                print(e)
        except auth.InvalidIdTokenError:
            # The token is invalid or expired. Redirect the user to the login page.
            return redirect(url_for('login'))

    # If there's no ID token, redirect the user to the login page.
    return redirect(url_for('login'))

# Sign up page
@app.route("/signup", methods=["GET", "POST"])
def signup():
    if request.method == "POST":
        # If the form was submitted, create a new user with the provided email and password
        email = request.form["email"]
        password = request.form["password"]
        try:
            regAuth.create_user_with_email_and_password(email, password)
            # If the user was created successfully, redirect to the login page
            return redirect(url_for('login'))
        except Exception:
            # If there was an error creating the user, render the signup page with an error message
            message = "An error occurred. Please try again."
            return render_template("signup.html", message=message)
    else:
        # If the user has not submitted the form, render the signup page
        return render_template("signup.html")

# Login page
@app.route("/login", methods=["GET", "POST"])
def login():
    if request.method == "POST":
        # If the form was submitted, authenticate the user with the provided email and password
        email = request.form["email"]
        password = request.form["password"]
        try:
            user = regAuth.sign_in_with_email_and_password(email, password)
            # If the user was authenticated successfully, set a session cookie and redirect to the home page
            session_cookie = auth.create_session_cookie(user['idToken'], expires_in=36000)
            response = redirect(url_for('home'))
            response.set_cookie('token', session_cookie, httponly=True, secure=True)
            return response
        except Exception as e:
            print(e)
            # If there was an error authenticating the user, render the login page with an error message
            message = "Invalid email or password. Please try again."
            return render_template("login.html", message=message)
    else:
        # If the user has not submitted the form, render the login page
        return render_template("login.html")

# Logout route
@app.route('/logout')
def logout():
    # Clear the session cookie and redirect to the login page.
    # The cookie is named 'token' in login(), so that is the name to expire here.
    response = redirect(url_for('login'))
    response.set_cookie('token', '', expires=0)
    return response

if __name__ == '__main__':
    # debug=True enables the interactive debugger; local development only.
    app.run(debug=True)
```

The error is happening in the home page when I try to decode the tokenId.
`decoded_token = auth.verify_id_token(id_token)`

jecbmhm3 #1

I found the answer.
The problem is that it should be verify_session_cookie instead of verify_id_token.
The line in question now looks like this:
`decoded_token = auth.verify_session_cookie(id_token)`
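
The two issuer values in the error message distinguish a Firebase ID token from a session cookie, so the `iss` claim tells you which Admin SDK verifier a stored token belongs to. The following is an added diagnostic example, not part of the original question or answer; the helper names `unverified_claims`, `expected_verifier` and `make_sample` are hypothetical, and the sample tokens are constructed and unsigned. It reads the claim without checking the signature, so real verification must still go through `auth.verify_id_token` or `auth.verify_session_cookie`.

```python
import base64
import json

# Issuer prefixes taken from the error message quoted in the question.
ID_TOKEN_ISS = "https://securetoken.google.com/"
SESSION_COOKIE_ISS = "https://session.firebase.google.com/"


def unverified_claims(token):
    """Decode the JWT payload WITHOUT checking the signature (diagnosis only)."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a three-part JWT")
    payload = parts[1] + "=" * (-len(parts[1]) % 4)  # restore base64url padding
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # covers base64 and JSON decoding errors
        raise ValueError("payload is not base64url-encoded JSON") from exc
    if not isinstance(claims, dict):
        raise ValueError("payload is not a JSON object")
    return claims


def expected_verifier(token, project_id):
    """Name the firebase_admin.auth function that matches the token's issuer."""
    iss = unverified_claims(token).get("iss")
    if iss == ID_TOKEN_ISS + project_id:
        return "verify_id_token"
    if iss == SESSION_COOKIE_ISS + project_id:
        return "verify_session_cookie"
    raise ValueError(f"unexpected issuer for project {project_id!r}: {iss!r}")


def make_sample(iss):
    """Build a constructed, unsigned JWT-shaped string for the demo below."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return ".".join([b64({"alg": "RS256", "typ": "JWT"}), b64({"iss": iss}), "sig"])


if __name__ == "__main__":
    # Same situation as the question: the 'token' cookie holds a session cookie.
    cookie = make_sample(SESSION_COOKIE_ISS + "watering-web-app")
    print(expected_verifier(cookie, "watering-web-app"))
```
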
