javascript - Hardcode sign in with email and password firebase in angular
问题描述
I want to authenticate users using my angular webapp without the users needing to sign-up for an account. At first I tried sign in anonymously but that created too many anonymous users. I am thinking about create an user and sign in with hardcoded email and password in my code but that exposes the email and password in the console. Can bad guys do anything with the email and password they find in the console like can they access my database with that via REST API or is there a better way to do this?
My code:
constructor(private afAuth: AngularFireAuth) {
this.afAuth.auth.signInWithEmailAndPassword("test@email.com","helloworld")
.then((user) => {
this.authState = user
})
.catch(error => console.log(error));
}
Console:
Request URL: https://www.googleapis.com/identitytoolkit/v3/relyingparty/verifyPassword?key=APIKEY
{email: "test@email.com", password: "helloworld", returnSecureToken: true}
email: "test@email.com"
password: "helloworld"
returnSecureToken: true
解决方案
为此,您可以使用 Firebase 的“匿名身份验证”功能。您可以从以下网址关注官方文档:https ://firebase.google.com/docs/auth/web/anonymous-auth
推荐阅读
- android - getFilter() 在 RecyclerView 适配器中无法正常工作?
- airflow - 如何运行 Airflow DAG 特定次数?
- python-3.4 - ord() 函数或带有 Z3 Solver 的字符串的 ASCII 字符代码
- flutter - 颤动行mainAxisAlignment spaceBetween不工作
- robotframework - 如何在机器人框架的 FOR 循环中使用 if/else 条件
- python-3.x - 如何将主机 IP 地址分配给我的 POSTGRESQL 数据库
- django - Nginx Gunicorn Django -- 上游过早关闭连接错误
- java - 使用 jxl 更新现有 xls 文件后 xls 文件损坏
- qt - 如何在 Qt 中检查以太网端口连接状态?
- javascript - Datepicker 框不显示从数据库中选择的日期