JavaScript How to check on the server that the client is authenticated? check server for open ports,check server for website,check

SITUATION:

Currently, I pass the UID through the url to the server.

I then use the UID to check in the database if that UID exists:


CODE:

router.get("/profile/:uid", function(req, res, next){

var uid = req.params.uid;

var userRef = admin.database().ref("users/"+uid);

userRef.once('value', function(snapshot){
    if (snapshot != null) {

PROBLEM:

That means anyone can access anyones's profile by constructing a url and pasting it in the searchbar and including the UID of that user.


QUESTION:

How can I check that the user is authenticated on the server without having such security breaches ?

Answer:1

You need to pass a authentication token instead of the uid, After the authentication process you will get the uid from Firebase and not from the user.

Verify ID tokens using the Firebase Admin SDKs

Web

firebase.auth().currentUser.getToken(/* forceRefresh */ true).then(function(idToken) {
  // Send token to your backend via HTTPS
  // ...
}).catch(function(error) {
  // Handle error
});

Server (NodeJs)

// idToken comes from the client app (shown above)

admin.auth().verifyIdToken(idToken)
  .then(function(decodedToken) {
    var uid = decodedToken.uid;
    // here you can use the uid of the user without the fear of Forgery 
  }).catch(function(error) {
    // Handle error
  });

Source: https://firebase.google.com/docs/auth/admin/verify-id-tokens

Answer:2

As an exercise I'm trying to convert a map example to use reduce: const numbers = [1, 2, 3, 4]; numbers.map(function(a,b) { return a+b; }); // [1, 3, 5, 7] my attempt for same example with ...

As an exercise I'm trying to convert a map example to use reduce: const numbers = [1, 2, 3, 4]; numbers.map(function(a,b) { return a+b; }); // [1, 3, 5, 7] my attempt for same example with ...

My rest API returns with the following json content: [{ "key": "apple", "value": "green" }, { "key": "banana", "value": "yellow" }] I am iterating through the list with this code: ...

My rest API returns with the following json content: [{ "key": "apple", "value": "green" }, { "key": "banana", "value": "yellow" }] I am iterating through the list with this code: ...

  1. convert json array to java list of objects
  2. convert json array to string
  3. convert json array to list java
  4. convert json array to list
  5. convert json array to list c#
  6. convert json array to string javascript
  7. convert json array to xml c#
  8. convert json array to java object
  9. convert json array to string java
  10. convert json array to csv
  11. convert json array to map in java
  12. convert json array to object
  13. convert json array to datatable c#
  14. convert json array to string c#
  15. convert json array to list of map in java
  16. convert json array to java list using jackson
  17. convert json array to string online
  18. convert json array to object c#
  19. convert json array to dictionary c#
  20. convert json array to list c# newtonsoft

I have found there a nice and working perfectly fine tutorial to play with music with a web library. Everything is working fine but I would like to have the "average value" of the music I play. Let ...

I have found there a nice and working perfectly fine tutorial to play with music with a web library. Everything is working fine but I would like to have the "average value" of the music I play. Let ...

I have a JSON object: var info=JSON.parse(server_response); I run console.log(info); And got this output: [ [ [ "Dipu", "Mondal", "O Positive", "017xxxx", "...

I have a JSON object: var info=JSON.parse(server_response); I run console.log(info); And got this output: [ [ [ "Dipu", "Mondal", "O Positive", "017xxxx", "...

  1. canvas
  2. canada
  3. cancelled
  4. canceled vs cancelled
  5. cancun
  6. canada goose
  7. cane corso
  8. canes
  9. canadian prime minister
  10. cancun flights
  11. canker sore
  12. candy
  13. cancer
  14. canon
  15. canvas prints
  16. cancer sign
  17. candace owens
  18. canada news
  19. candytopia
  20. canlis