Javascript 如何在firebase函数中取消对一条路由的保护
我使用了这个代码示例,其中附加了一个代码片段:Javascript 如何在firebase函数中取消对一条路由的保护,javascript,node.js,firebase,express,firebase-authentication,Javascript,Node.js,Firebase,Express,Firebase Authentication,我使用了这个代码示例,其中附加了一个代码片段: const validateFirebaseIdToken = (req, res, next) => { cors(req, res, () => {}); // console.log("Check if request is authorized with Firebase ID token"); if ( (!req.headers.authorization || !req
const validateFirebaseIdToken = (req, res, next) => {
cors(req, res, () => {});
// console.log("Check if request is authorized with Firebase ID token");
if (
(!req.headers.authorization ||
!req.headers.authorization.startsWith("Bearer ")) &&
!(req.cookies && req.cookies.__session)
) {
console.error(
"No Firebase ID token was passed as a Bearer token in the Authorization header.",
"Make sure you authorize your request by providing the following HTTP header:",
"Authorization: Bearer <Firebase ID Token>",
'or by passing a "__session" cookie.'
);
res.status(403).send("Unauthorized");
return;
}
let idToken;
if (
req.headers.authorization &&
req.headers.authorization.startsWith("Bearer ")
) {
console.log('Found "Authorization" header');
// Read the ID Token from the Authorization header.
idToken = req.headers.authorization.split("Bearer ")[1];
} else if (req.cookies) {
console.log('Found "__session" cookie');
// Read the ID Token from cookie.
idToken = req.cookies.__session;
} else {
// No cookie
res.status(403).send("Unauthorized");
return;
}
我想通过授权令牌保护文件中的其他几个端点,但这一个路由不需要保护。此处显示的代码仅显示
validateFireBaisedTokenapp.use(validateFirebaseIdToken);
app.post()app.post()app.post("/routeYouWantProtected", validateFirebaseIdToken, (req, res) => { ... })
app.post("/routeYouWantProtected", validateFirebaseIdToken, (req, res) => { ... })