Home>

python - cannot set_cookie with firebase authentication

I want to manage user login status from session cookie using firebase authentication and flame.

It seems that set_cookie is not working properly, but I don't know how to solve it.

Referenced site: https://firebase.google.com/docs/auth/admin/manage-cookies

Applicable source code 
firebase.auth (). onAuthStateChanged (function (user) {
  if (user) {
    user.getIdToken (). then (function (data) {
      var tokenData = {idToken: data}
      $.ajax ({
        type: 'POST',
        url: '/ sessionLogin',
        data: JSON.stringify (tokenData),
        contentType: 'application/json',
        success: function () {
          console.log ("done")
        },
        error: function (XMLHttpRequest, textStatus, errorThrown) {
          alert ('error');
          console.log ("XMLHttpRequest:" + XMLHttpRequest.status);
          console.log ("textStatus:" + textStatus);
          console.log ("errorThrown:" + errorThrown.message);
        }
      })
    });
  }
});
@ app.route ('/ sessionLogin', methods = ['POST'])
def session_login ():
    id_token = request.json ['idToken']
    decoded_token = auth.verify_id_token (id_token)
    uid = decoded_token ['uid']
    expires_in = datetime.timedelta (days = 1)
    # Create the session cookie.This will also verify the ID token in the process.
    # The session cookie will have the same claims as the ID token.
    session_cookie = auth.create_session_cookie (id_token, expires_in = expires_in)
    response = jsonify ({'status': 'success'})
    # Set cookie policy for session cookie.
    expires = datetime.datetime.now () + expires_in
    response.set_cookie ('session', session_cookie, expires = expires, httponly = True, secure = True)
    print ("response", response)
    return response
@ app.route ('/ mypage', methods = ['GET', 'POST'])
def mypage ():
    session_cookie = request.cookies.get ('session')
    print ("session", session_cookie)
    if not session_cookie:
        # Session cookie is unavailable.Force user to login.
        print ("No session")
        return redirect ('/')
    # Verify the session cookie.In this case an additional check is added to detect
    # if the user's Firebase session was revoked, user deleted/disabled, etc.
    try:
        decoded_claims = auth.verify_session_cookie (session_cookie, check_revoked = True)
        return serve_content_for_user (decoded_claims)
    except auth.InvalidSessionCookieError:
        # Session cookie is invalid, expired or revoked.Force user to login.
        return redirect ('/')
    this_year = check_year ()
    return render_template ('mypage.html', this_year = this_year)
Error message 
response<Response 26 bytes [200 OK]>
Session None
It was confirmed that the uid was correctly taken from the idToken taken from

/sessionLogin.
We also confirmed that expires_in was generated properly.

However, the response.set_cookie (....) part isn't working, or request.cookies.get ('session') will be None.

If i am new to programming and don't know about cookie and firebase, please tell us if you need additional information.

If anyone can understand, please let me know.

python firebase flask cookie authentication
  • Answer # 1

    I don't know the structure, but if you use Firebase Hosting, you can only use a cookie named__ session.
    Use of cookies

    Otherwise, I want to check if the Set-Cookie header is on the response with/sessionLoginfirst.

Related articles