How to find Firebase users not in 'Username-Password-Authentication' with 'Database Action Scripts'?

roukmoute · February 24, 2023, 3:20pm

Hello,

I would like to ask you for simple examples to understand the use of “Database Action Scripts” in order to find an existing user in Firebase, in case this person is not already listed in the “Username-Password-Authentication” database.

If it is possible, could you help me to clarify this technical point? I know my request is specific, but I hope you can help me with this. Your input would be greatly appreciated and I thank you in advance for your time and attention.

roukmoute · April 17, 2023, 8:03am

Create a new Database Connection named like “Firebase”.
In Custom Database section Database Action Scripts, click on Login tab.
And use this kind of script:

async function loginAsync(email, password, callback) {
  //should be updated as new versions of axios are made available (https://auth0-extensions.github.io/canirequire/#axios)
  const axios = require("axios@0.22.0");

  let response;

  try {
    response = await axios.post(
      //store API url in connection settings to better support SDLC environments
      "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=XxxxX",
      //user credentials passed as request body
      {
        email: email,
        password: password,
      },
      {
        timeout: 10000, //end call gracefully if request times out so script can do necessary callback
        headers: {
          //securing api call with apiKey stored in connection settings.
          //quick and easy approach however using M2M tokens is more secure as
          // a secret must not be shared between client and API.
          // "x-api-key": configuration.apiKey,
        },
      }
    );
  } catch (e) {
    console.log(e);
    if (e.response.statusCode === 404) {
      //assuming api returns 404 when email/username/password invalid
      return callback(
        new WrongUsernameOrPasswordError(email, "Invalid credentials provided.")
      );
    }
    //callback for any other error type
    return callback(new Error(e.message));
  }

  try {
    let user = response.data;

    //if using multiple custom db connections in your tenant prefix the
    //user_id with a connection specific key ex: "connName|" + user.user_id
    //this ensures unique user ids across all db connections
    return callback(null, {
      user_id: user.localId,
      nickname: user.email,
      email: user.email,
    });
  } catch (e) {
    return callback(new Error(e.message));
  }
}

jonathan.morales · October 10, 2023, 2:16pm

How would you handle if a user also has MFA in firebase configured?