Authentication works seamlessly with backend endpoints ($75)

[josancamon19]

Is your feature request related to a problem? Please describe.
getIdToken works seamlessly with authorization endpoints in backend.

So instead of sending uid as query parameter, the app should send an Authorization header with the idToken generated by firebase.

This is 80% implemented, needs polishing, testing, and 100% working, can't have any failures.

Check what happens when the token expires, and how frequently firebase expires the token.
Check if on main there has to be some sort of silent sign In

This should work for android and ios.

[CoderMANE321]

Just to clear this up do you need Pentesting as well or just some Unit written up?

[mdmohsin7]

Just to clear this up do you need Pentesting as well or just some Unit written up?

He is referring to changing the uid params in the backend to use the auth util to get the current user's uid and removing the uid param in the app and replacing it with auth header

[mdmohsin7]

@CoderMANE321 are you working on it?

[CoderMANE321]

@mdmohsin7 Not yet, but I'll start on it today

[CoderMANE321]

@mdmohsin7 Hey, I've looked over it, and to me everything looks fine, I was looking to either implement some code or pentest but it just needs some unit tests to confirm
' token expiration - responds 401
how frequently firebase expires the token - 1 hour but firebase has token refresh method
if on main there has to be some sort of silent sign In - aren't you caching on redis couldn't you just extract the
cookie '

I didn't clone the project I only did a static analysis

Sorry if this doesn't help but I would want some more access if I was going to create these test

Good luck on the product and happy hacking =)