Update auth snippets

samtstern · samtstern · commit eba953defb02 · 2021-04-16T15:00:30.000+01:00
diff --git a/auth/create_custom_tokens.js b/auth/create_custom_tokens.js
@@ -1,23 +1,23 @@
 'use strict';
-const admin = require('firebase-admin');
+import { initializeApp } from 'firebase-admin/app';
+import { getAuth } from 'firebase-admin/auth';
 
 // Initialize the Admin app with the default appication credentials
 // [START initialize_sdk_with_default_config]
-admin.initializeApp();
+initializeApp();
 // [END initialize_sdk_with_default_config]
 
 // Initialize the Admin app by providing a service accoune key
 // [START initialize_sdk_with_service_account_id]
-admin.initializeApp({
+initializeApp({
   serviceAccountId: 'my-client-id@my-project-id.iam.gserviceaccount.com',
 });
 // [END initialize_sdk_with_service_account_id]
 
 // [START custom_token]
 const uid = 'some-uid';
 
-admin
-  .auth()
+getAuth()
   .createCustomToken(uid)
   .then((customToken) => {
     // Send token back to client
@@ -33,8 +33,7 @@ const additionalClaims = {
   premiumAccount: true,
 };
 
-admin
-  .auth()
+getAuth()
   .createCustomToken(userId, additionalClaims)
   .then((customToken) => {
     // Send token back to client
diff --git a/auth/custom_claims.js b/auth/custom_claims.js
@@ -1,15 +1,15 @@
 'use strict';
-const admin = require('firebase-admin');
-admin.initializeApp();
+import { initializeApp } from 'firebase-admin/app';
+import { getAuth } from 'firebase-admin/auth';
+initializeApp();
 
 const uid = 'firebaseUserId123';
 const idToken = 'some-invalid-token';
 
 // [START set_custom_user_claims]
 // Set admin privilege on the user corresponding to uid.
 
-admin
-  .auth()
+getAuth()
   .setCustomUserClaims(uid, { admin: true })
   .then(() => {
     // The new custom claims will propagate to the user's ID token the
@@ -19,8 +19,7 @@ admin
 
 // [START verify_custom_claims]
 // Verify the ID token first.
-admin
-  .auth()
+getAuth()
   .verifyIdToken(idToken)
   .then((claims) => {
     if (claims.admin === true) {
@@ -31,8 +30,7 @@ admin
 
 // [START read_custom_user_claims]
 // Lookup the user associated with the specified uid.
-admin
-  .auth()
+getAuth()
   .getUser(uid)
   .then((userRecord) => {
     // The claims can be accessed on the user record.
@@ -41,15 +39,14 @@ admin
 // [END read_custom_user_claims]
 
 // [START set_custom_user_claims_script]
-admin
-  .auth()
+getAuth()
   .getUserByEmail('user@admin.example.com')
   .then((user) => {
     // Confirm user is verified.
     if (user.emailVerified) {
       // Add custom claims for additional privileges.
       // This will be picked up by the user on token refresh or next sign in on new device.
-      return admin.auth().setCustomUserClaims(user.uid, {
+      return getAuth().setCustomUserClaims(user.uid, {
         admin: true,
       });
     }
@@ -60,8 +57,7 @@ admin
 // [END set_custom_user_claims_script]
 
 // [START set_custom_user_claims_incremental]
-admin
-  .auth()
+getAuth()
   .getUserByEmail('user@admin.example.com')
   .then((user) => {
     // Add incremental custom claim without overwriting existing claims.
@@ -70,7 +66,7 @@ admin
       // Add level.
       currentCustomClaims['accessLevel'] = 10;
       // Add custom claims for additional privileges.
-      return admin.auth().setCustomUserClaims(user.uid, currentCustomClaims);
+      return getAuth().setCustomUserClaims(user.uid, currentCustomClaims);
     }
   })
   .catch((error) => {
diff --git a/auth/email_action_links.js b/auth/email_action_links.js
@@ -1,6 +1,7 @@
 'use strict';
-const admin = require('firebase-admin');
-admin.initializeApp();
+import { initializeApp } from 'firebase-admin/app';
+import { getAuth } from 'firebase-admin/auth';
+initializeApp();
 
 // [START init_action_code_settings]
 const actionCodeSettings = {
@@ -25,8 +26,7 @@ const actionCodeSettings = {
 // [START password_reset_link]
 // Admin SDK API to generate the password reset link.
 const userEmail = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generatePasswordResetLink(userEmail, actionCodeSettings)
   .then((link) => {
     // Construct password reset email template, embed the link and send
@@ -41,8 +41,7 @@ admin
 // [START email_verification_link]
 // Admin SDK API to generate the password reset link.
 const email = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generatePasswordResetLink(email, actionCodeSettings)
   .then((link) => {
     // Construct password reset email template, embed the link and send
@@ -56,8 +55,7 @@ admin
 // [START email_verification_link]
 // Admin SDK API to generate the email verification link.
 const useremail = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generateEmailVerificationLink(useremail, actionCodeSettings)
   .then((link) => {
     // Construct email verification template, embed the link and send
@@ -72,8 +70,7 @@ admin
 // [START sign_in_with_email_link]
 // Admin SDK API to generate the sign in with email link.
 const usremail = 'user@example.com';
-admin
-  .auth()
+getAuth()
   .generateSignInWithEmailLink(usremail, actionCodeSettings)
   .then((link) => {
     // Construct sign-in with email link template, embed the link and
diff --git a/auth/get_service_account_tokens.js b/auth/get_service_account_tokens.js
@@ -15,10 +15,10 @@
  */
 'use strict';
 // [START get_service_account_tokens]
-const admin = require('firebase-admin');
+import { cert } from 'firebase-admin/app';
 
 const serviceAccount = require('./path/to/serviceAccountKey.json');
-const credential = admin.credential.cert(serviceAccount);
+const credential = cert(serviceAccount);
 
 credential.getAccessToken().then((accessTokenInfo) => {
   const accessToken = accessTokenInfo.access_token;
diff --git a/auth/import_users.js b/auth/import_users.js
@@ -1,6 +1,7 @@
 'use strict';
-const admin = require('firebase-admin');
-admin.initializeApp();
+import { initializeApp } from 'firebase-admin/app';
+import { getAuth } from 'firebase-admin/auth';
+initializeApp();
 
 //[START build_user_list]
 // Up to 1000 users can be imported at once.
@@ -22,8 +23,7 @@ const userImportRecords = [
 //[END build_user_list]
 
 // [START import_users]
-admin
-  .auth()
+getAuth()
   .importUsers(userImportRecords, {
     hash: {
       algorithm: 'HMAC_SHA256',
@@ -49,8 +49,7 @@ admin
 // [END import_users]
 
 // [START import_with_hmac]
-admin
-  .auth()
+getAuth()
   .importUsers(
     [
       {
@@ -81,8 +80,7 @@ admin
 // [END import_with_hmac]
 
 // [START import_with_pbkdf]
-admin
-  .auth()
+getAuth()
   .importUsers(
     [
       {
@@ -112,8 +110,7 @@ admin
 // [END import_with_pbkdf]
 
 // [START import_with_standard_scrypt]
-admin
-  .auth()
+getAuth()
   .importUsers(
     [
       {
@@ -146,8 +143,7 @@ admin
 // [END import_with_standard_scrypt]
 
 // [START import_with_bcrypt]
-admin
-  .auth()
+getAuth()
   .importUsers(
     [
       {
@@ -174,8 +170,7 @@ admin
 // [END import_with_bcrypt]
 
 // [START import_with_scrypt]
-admin
-  .auth()
+getAuth()
   .importUsers(
     [
       {
@@ -210,8 +205,7 @@ admin
 // [END import_with_scrypt]
 
 // [START import_without_password]
-admin
-  .auth()
+getAuth()
   .importUsers([
     {
       uid: 'some-uid',
diff --git a/auth/manage_cookies.js b/auth/manage_cookies.js
@@ -1,6 +1,8 @@
 'use strict';
-const admin = require('firebase-admin');
-admin.initializeApp();
+import { initializeApp } from 'firebase-admin/app';
+import { getAuth } from 'firebase-admin/auth';
+initializeApp();
+
 const express = require('express');
 const app = express();
 
@@ -20,8 +22,7 @@ app.post('/sessionLogin', (req, res) => {
   // The session cookie will have the same claims as the ID token.
   // To only allow session cookie setting on recent sign-in, auth_time in ID token
   // can be checked to ensure user was recently signed in before creating a session cookie.
-  admin
-    .auth()
+  getAuth()
     .createSessionCookie(idToken, { expiresIn })
     .then(
       (sessionCookie) => {
@@ -43,14 +44,13 @@ app.post('/verifyToken', (req, res) => {
   // Set session expiration to 5 days.
   const expiresIn = 60 * 60 * 24 * 5 * 1000;
   // [START check_auth_time]
-  admin
-    .auth()
+  getAuth()
     .verifyIdToken(idToken)
     .then((decodedIdToken) => {
       // Only process if the user just signed in in the last 5 minutes.
       if (new Date().getTime() / 1000 - decodedIdToken.auth_time < 5 * 60) {
         // Create session cookie and set it.
-        return admin.auth().createSessionCookie(idToken, { expiresIn });
+        return getAuth().createSessionCookie(idToken, { expiresIn });
       }
       // A user that was not recently signed in is trying to set a session cookie.
       // To guard against ID token theft, require re-authentication.
@@ -65,8 +65,7 @@ app.post('/profile', (req, res) => {
   const sessionCookie = req.cookies.session || '';
   // Verify the session cookie. In this case an additional check is added to detect
   // if the user's Firebase session was revoked, user deleted/disabled, etc.
-  admin
-    .auth()
+  getAuth()
     .verifySessionCookie(sessionCookie, true /** checkRevoked */)
     .then((decodedClaims) => {
       serveContentForUser('/profile', req, res, decodedClaims);
@@ -81,8 +80,7 @@ app.post('/profile', (req, res) => {
 app.post('/verifySessionCookie', (req, res) => {
   const sessionCookie = req.cookies.session || '';
   // [START session_verify_with_permission_check]
-  admin
-    .auth()
+  getAuth()
     .verifySessionCookie(sessionCookie, true)
     .then((decodedClaims) => {
       // Check custom claims to confirm user is an admin.
@@ -109,11 +107,10 @@ app.post('/sessionLogout', (req, res) => {
 app.post('/sessionLogout', (req, res) => {
   const sessionCookie = req.cookies.session || '';
   res.clearCookie('session');
-  admin
-    .auth()
+  getAuth()
     .verifySessionCookie(sessionCookie)
     .then((decodedClaims) => {
-      return admin.auth().revokeRefreshTokens(decodedClaims.sub);
+      return getAuth().revokeRefreshTokens(decodedClaims.sub);
     })
     .then(() => {
       res.redirect('/login');
diff --git a/auth/manage_sessions.js b/auth/manage_sessions.js
@@ -1,6 +1,8 @@
 'use strict';
-const admin = require('firebase-admin');
-admin.initializeApp();
+import { initializeApp } from 'firebase-admin/app';
+import { getAuth } from 'firebase-admin/auth';
+import { getDatabase } from 'firebase-admin/database';
+initializeApp();
 
 const uid = 'some_uid_1234';
 const idToken = 'some_id_token';
@@ -9,11 +11,10 @@ const utcRevocationTimeSecs = 60 * 60;
 // [START revoke_tokens]
 // Revoke all refresh tokens for a specified user for whatever reason.
 // Retrieve the timestamp of the revocation, in seconds since the epoch.
-admin
-  .auth()
+getAuth()
   .revokeRefreshTokens(uid)
   .then(() => {
-    return admin.auth().getUser(uid);
+    return getAuth().getUser(uid);
   })
   .then((userRecord) => {
     return new Date(userRecord.tokensValidAfterTime).getTime() / 1000;
@@ -24,7 +25,7 @@ admin
 // [END revoke_tokens]
 
 // [START save_revocation_in_db]
-const metadataRef = admin.database().ref('metadata/' + uid);
+const metadataRef = getDatabase().ref('metadata/' + uid);
 metadataRef.set({ revokeTime: utcRevocationTimeSecs }).then(() => {
   console.log('Database updated successfully.');
 });
@@ -34,8 +35,7 @@ metadataRef.set({ revokeTime: utcRevocationTimeSecs }).then(() => {
 // Verify the ID token while checking if the token is revoked by passing
 // checkRevoked true.
 let checkRevoked = true;
-admin
-  .auth()
+getAuth()
   .verifyIdToken(idToken, checkRevoked)
   .then((payload) => {
     // Token is valid.
diff --git a/auth/manage_users.js b/auth/manage_users.js
diff --git a/auth/verify_id_tokens.js b/auth/verify_id_tokens.js
