I am implementing a consumer login characteristic utilizing Google and Apple Signal-In. The Firebase Authentication works, and I can see the authenticated consumer within the Firebase Console. I am additionally in a position to fetch the consumer’s token as proven beneath:
guard let consumer = Auth.auth().currentUser else {
print("No authenticated consumer discovered.")
return
}
consumer.getIDTokenResult { tok, error in
print(tok?.token)
}
Nevertheless, once I name my Firebase Cloud Operate, I get an unauthorized error. This is the code for calling the operate:
Capabilities.capabilities().httpsCallable("handleUserLogin").name(["uid": "uid", "email": "email"]) { (outcome, error) in
print(error)
print(outcome)
}
I additionally tried calling the operate utilizing cURL, however the identical error happens.
Debugging Steps Taken:
App Test: Not enabled.
Firebase Safety Guidelines: Set to open (permit learn, write: if true;).
Token: Verified that the token is generated and current.
Right here’s the code for my Cloud Operate:
server code :
const capabilities = require("firebase-functions");
const admin = require("firebase-admin");
// const serviceAccount = require("./service-account.json");
admin.initializeApp();
exports.handleUserLogin = capabilities.https.onCall(async (information, context) => {
strive {
console.log("Authentication context:", context.auth);
if (!context.auth) {
console.error("Unauthenticated request");
throw new capabilities.https.HttpsError(
"unauthenticated",
"The consumer have to be authenticated to entry this operate."
);
}
console.log("Authenticated consumer UID:", context.auth.uid);
// Debug: Check Firestore write
const testRef = admin.firestore().assortment("take a look at").doc("testDoc");
strive {
await testRef.set({ take a look at: "testValue" });
console.log("Firestore take a look at write profitable.");
} catch (error) {
console.error("Firestore take a look at write failed:", error);
}
// Course of consumer login
const { uid, e mail } = information;
if (!uid || !e mail) {
console.error("Invalid arguments: UID or E-mail lacking");
throw new capabilities.https.HttpsError(
"invalid-argument",
"UID and E-mail are required."
);
}
const userRef = admin.firestore().assortment("customers").doc(uid);
strive {
const doc = await userRef.get();
if (doc.exists) {
console.log("Consumer exists:", doc.information());
return { profile: doc.information(), newUser: false };
} else {
const newUser = {
e mail,
createdAt: admin.firestore.FieldValue.serverTimestamp(),
};
console.log("Creating new consumer profile:", newUser);
await userRef.set(newUser);
console.log("New consumer created efficiently.");
return { profile: newUser, newUser: true };
}
} catch (firestoreError) {
console.error("Firestore operation failed:", firestoreError);
throw new capabilities.https.HttpsError("inner", "Firestore operation failed.");
}
} catch (error)
});
Observations
The context.auth object within the operate appears to be undefined, suggesting the consumer is not authenticated when the operate is invoked.
Safety guidelines will not be a difficulty since they’re absolutely open.
Query
Why am I receiving an unauthorized error when invoking this Cloud Operate? How can I be sure that the consumer is correctly authenticated when calling the operate?