时间戳

首页 > 解决方案 > 会话不适用于 chrome,但适用于 Firefox

javascript - 会话不适用于 chrome,但适用于 Firefox

问题描述

我正在使用 Firebase ui 登录用户并使用 cookie parser 。我从 Firebase Docs Firebase Docs编写了代码

奇怪的是它只适用于 firefox Desktop。我尝试使用 chrome 但它不起作用。它也不适用于手机浏览器。

保存会话 cookie 的路由

app.get('/sessionLogin', (req, res) => {
const idToken = req.query.idToken;
 console.log(idToken);
admin.auth().verifyIdToken(idToken).then(function (decodedToken) {
    var uid = decodedToken.uid;
    console.log("uid  " + uid);
    const expiresIn = 60 * 60 * 24 * 5 * 1000;

admin.auth().createSessionCookie(idToken, { expiresIn })
    .then((sessionCookie) => {
        const options={maxAge : expiresIn ,httpOnly:true,secure:true};
        res.cookie('session',sessionCookie,options);
        res.redirect('/newPage');
    },error =>{
        res.status(401).send("OPSIE");
    });
}).catch(function (err) {
    console.log("!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!");
    console.log(err);
}); 

});

经验证的路线

app.get('/newPage', (req, res) => {

const sessionCookie = req.cookies.session || req.headers.cookie|| '' ;
// Verify the session cookie. In this case an additional check is added to detect
// if the user's Firebase session was revoked, user deleted/disabled, etc.
admin.auth().verifySessionCookie(
  sessionCookie, true /** checkRevoked */)
  .then((decodedClaims) => {
   res.render('newPage');
  })
  ,catch(error => {
    // Session cookie is unavailable or invalid. Force user to login.
    res.redirect('/signIn');
    console.log(error);    //this is where error is being logged
  });
});

我得到的错误

FirebaseAuthError: Decoding Firebase session cookie failed. Make sure you passed the entire string JWT which represents a session cookie. See https://firebase.google.com/docs/auth/admin/manage-cookies for details on how to retrieve a session cookie.
    at FirebaseAuthError.FirebaseError [as constructor] (D:\FIREBAESFJAGDS\functions\node_modules\firebase-admin\lib\utils\error.js:42:28)
    at FirebaseAuthError.PrefixedFirebaseError [as constructor] (D:\FIREBAESFJAGDS\functions\node_modules\firebase-admin\lib\utils\error.js:88:28)
    at new FirebaseAuthError (D:\FIREBAESFJAGDS\functions\node_modules\firebase-admin\lib\utils\error.js:147:16)
    at FirebaseTokenVerifier.verifyJWTWithProjectId (D:\FIREBAESFJAGDS\functions\node_modules\firebase-admin\lib\auth\token-verifier.js:166:35)
    at D:\FIREBAESFJAGDS\functions\node_modules\firebase-admin\lib\auth\token-verifier.js:102:26
    at processTicksAndRejections (internal/process/task_queues.js:97:5) {
  errorInfo: {
    code: 'auth/argument-error',
    message: 'Decoding Firebase session cookie failed. Make sure you passed the entire string JWT which represents a session cookie. See https://firebase.google.com/docs/auth/admin/manage-cookies for details on how to retrieve a session cookie.'
  },
  codePrefix: 'auth'
}

标签: javascriptfirebasesessioncookiesfirebase-authentication

解决方案

事实证明,在 https 上运行服务器解决了这个问题(如果有意义的话)。

指导

推荐阅读