Working on a web app in JavaScript using Firebase authentication that needs to reach out to a remote PHP script.
The user should be able to log into the web app, then once authenticated has access to the functionality of the PHP script.
I generated a token with firebase.auth().currentUser.getToken()
and successfully POSTed to the PHP server.
firebase.auth().currentUser.getToken(true).then(function(idToken) {
var uid = firebase.auth().currentUser.uid;
var http = new XMLHttpRequest();
var url = "http://localhost/json.php";
var params = "token=" + idToken + "&uid=" + uid;
http.open("POST", url, true);
//Send the proper header information along with the request
http.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
http.onreadystatechange = function() {//Call a function when the state changes.
if(http.readyState == 4 && http.status == 200) {
alert(http.responseText);
}
}
http.send(params);
//console.log("TOKEN: " + idToken);
}).catch(function(error) {
// Handle error
});
However, I'm having some issue on the PHP side where all I need is to validate that the user is currently signed in. I tried the firebase/php-jwt library but I seem to be missing how to do a simple validation so the user can unlock the functionality of the PHP script.
Any ideas?