‹ 首页

firebase-auth-basics

@firebase · 收录于 1 周前 · 上游提交 3 周前

Guide for setting up and using Firebase Authentication. Use this skill when the user's app requires user sign-in, user management, or secure data access using auth rules.

适合你,如果正在开发需要用户身份验证的应用

/ 通过 npx 安装 校验哈希
npx oh-my-skill add firebase/agent-skills/firebase-auth-basics
/ 通过 bash 安装
curl -fsSL https://oh-my-skill.com/install.sh | bash -s -- firebase/agent-skills/firebase-auth-basics
/ 已经装过?验证本机副本,不用重装
npx oh-my-skill verify firebase/agent-skills/firebase-auth-basics
安装目标可用 --agent / --scope 或 --to 明确指定;省略时只会在唯一已存在的 agent 目录上自动选择,零命中或多命中会停止并提示。content_hash 缺失或不一致均拒装。
375GitHub stars
~877最小装载
~4.4K含声明引用
~5K文本包总量
索引托管

怎么用

商店整理自技能原文 · 版本 538130c · 表述以原文为准
它做什么

Claude 会指导你设置 Firebase 身份验证,包括启用登录方式、配置客户端 SDK 以及编写安全规则。

什么时候触发

当你的应用需要用户登录、用户管理或通过身份验证规则保护数据时触发。

装好后可以这样说
Claude 会指导启用邮箱密码登录并配置客户端。
Claude 会提供 Flutter 客户端设置步骤。
Claude 会解释如何基于用户身份限制数据访问。
技能原文 SKILL.md作者撰写 · Apache-2.0 · 538130c
Prerequisites
  • Firebase Project: Created via npx -y firebase-tools@latest projects:create (see firebase-basics).
  • Firebase CLI: Installed and logged in (see firebase-basics).
Core Concepts

Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app.

Users

A user is an entity that can sign in to your app. Each user is identified by a unique ID (uid) which is guaranteed to be unique across all providers. User properties include:

  • uid: Unique identifier.
  • email: User's email address (if available).
  • displayName: User's display name (if available).
  • photoURL: URL to user's photo (if available).
  • emailVerified: Boolean indicating if the email is verified.
Identity Providers

Firebase Auth supports multiple ways to sign in:

  • Email/Password: Basic email and password authentication.
  • Federated Identity Providers: Google, Facebook, Twitter, GitHub, Microsoft, Apple, etc.
  • Phone Number: SMS-based authentication.
  • Anonymous: Temporary guest accounts that can be linked to permanent accounts later.
  • Custom Auth: Integrate with your existing auth system.

Google Sign In is recommended as a good and secure default provider.

Tokens

When a user signs in, they receive an ID Token (JWT). This token is used to identify the user when making requests to Firebase services (Realtime Database, Cloud Storage, Firestore) or your own backend.

  • ID Token: Short-lived (1 hour), verifies identity.
  • Refresh Token: Long-lived, used to get new ID tokens.
Workflow
1. Provisioning
Option 1. Enabling Authentication via CLI

Only Google Sign In, anonymous auth, and email/password auth can be enabled via CLI. For other providers, use the Firebase Console.

Configure Firebase Authentication in firebase.json by adding an 'auth' block:

{
  "auth": {
    "providers": {
      "anonymous": true,
      "emailPassword": true,
      "googleSignIn": {
        "oAuthBrandDisplayName": "Your Brand Name",
        "supportEmail": "support@example.com",
        "authorizedRedirectUris": ["https://example.com", "http://localhost"]
      }
    }
  }
}
[!NOTE] If the Google Sign-In popup opens and immediately closes with the error [firebase_auth/unauthorized-domain], it means the domain is not authorized. For local development, ensure localhost is included in the Authorized Domains list in the Firebase Console or via the authorizedDomains field in firebase.json. CRITICAL: Do NOT include the protocol or port number in the Authorized Domains list (e.g., use localhost, NOT http://localhost:9090).

CRITICAL: After configuring firebase.json, you MUST deploy the auth configuration to the Firebase backend for the changes to take effect. This is essential for auth providers like Google Sign-In, email/password, etc. to auto-generate the necessary OAuth clients for your app platforms. Run:

npx -y firebase-tools@latest deploy --only auth
Option 2. Enabling Authentication in Console

Enable other providers in the Firebase Console.

  1. Go to the https://console.firebase.google.com/project/_/authentication/providers
  2. Select your project.
  3. Enable the desired Sign-in providers (e.g., Email/Password, Google).
2. Client Setup & Usage

Web See [references/client_sdk_web.md](references/client_sdk_web.md).

Flutter See [references/flutter_setup.md](references/flutter_setup.md). Android (Kotlin) See [references/client_sdk_android.md](references/client_sdk_android.md).

3. Security Rules

Secure your data using request.auth in Firestore/Storage rules.

See [references/security_rules.md](references/security_rules.md).

按 Apache-2.0 许可原样转载,未经改动 · 在 GitHub 查看 →

评论

登录即可评论;带「已验证安装」的,是发布者名下有本店的安装或持有记录。