I have a Firebase client web app that uses signInWithEmailAndPassword to log users in. I understand that the Firebase client will automatically save the token and use it to authenticate all Firebase requests, but how do I get the currently signed in user from the server side in node.js?
To be clear, I am NOT using Firestore. My app runs on SQL so I need to check what user is making the request from the server. Is there a cookie that Firebase puts the token into that I can then use firebase-admin to retrieve the user with?
>Solution :
You will have to pass the get ID token for the signed-in user on the client, pass that with the request to your server, and then decode and verify that token in your Node.js code.
The entire process is pretty well described in the Firebase documentation on verifying ID tokens, so I recommend keeping that handy when you implement the flow.
For an example of a similar flow in the context of Cloud Functions (1st gen), see this Authorized HTTPS Endpoint. The client-side JavaScript is in the public folder, while the server-side Node.js code is in the functions folder.