firebase express firebase-authentication google-cloud-run

How do I extract Auth information from Express-served Firebase Function?


I'm using the strategy from this documentation to serve a microservice using Firebase Functions and Express.js: https://firebase.google.com/docs/hosting/functions#use_a_web_framework

Now what I want to do is access a certain piece of data from Firebase Auth. Specifically, a field from the requesting user's custom claims. But if that's not accessible directly, I guess grabbing the user's email, phone, or UID would be a good start. Preferably, something that does not involve manually putting something in req.query, req.body or req.params.

Is there a reliable way of doing it?


Solution

  • On the client-side:

    1.- The following assumes the client request is authenticated. On the client, check the Authorization header; you'll see a Bearer token.

    On the server-side:

    2.- Get the token from the Authorization header. If using an express Request, it would be something like:

    // "Bearer <token>" -> "<token>"; undefined if the header is missing
    const bearerToken = req.headers['authorization']?.split(' ')?.[1];
    

    3.- Use the Firebase Admin SDK to verify the token:

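    const { getAuth } = require('firebase-admin/auth');

    // Rejects (throws) if the token is missing, expired or not signed for this project
    const decodedToken = await getAuth().verifyIdToken(bearerToken);
    const uid = decodedToken.uid;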
    

    4.- Use the uid property to find the user record with its custom claims:

    const userRecord = await getAuth().getUser(uid);
    console.log(userRecord.customClaims);
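
The steps above combined into one Express-style middleware that fails closed with a 401, as an added example that is not part of the original answer. The names `extractBearerToken`, `requireFirebaseAuth`, `fakeVerifyIdToken`, `fakeResponse` and `runDemo` are hypothetical, and the verifier is injected so the block runs offline against constructed sample values.

```javascript
// In a real function, pass (t) => getAuth().verifyIdToken(t) from 'firebase-admin/auth'.

// Parse "Authorization: Bearer <token>" strictly; anything else yields null.
function extractBearerToken(headerValue) {
  if (typeof headerValue !== 'string') return null;
  const match = /^Bearer ([A-Za-z0-9\-._~+/]+=*)$/i.exec(headerValue.trim());
  return match ? match[1] : null;
}

// Builds middleware that only calls next() for a verified token.
function requireFirebaseAuth(verifyIdToken) {
  return async function (req, res, next) {
    const token = extractBearerToken(req.headers['authorization']);
    if (!token) {
      return res.status(401).json({ error: 'missing or malformed bearer token' });
    }
    try {
      // The verified payload holds uid, email and any custom claims as properties.
      req.auth = await verifyIdToken(token);
      return next();
    } catch (err) {
      // Expired, bad signature, wrong project: same generic answer for all.
      return res.status(401).json({ error: 'invalid token' });
    }
  };
}

// Constructed stand-in for the Admin SDK verifier (sample token and claims).
function fakeVerifyIdToken(token) {
  if (token !== 'good.sample.token') return Promise.reject(new Error('bad token'));
  return Promise.resolve({ uid: 'uid-123', email: 'user@example.com', role: 'editor' });
}

// Minimal stand-in for an Express response object.
function fakeResponse() {
  const res = { statusCode: 200, body: null };
  res.status = (code) => { res.statusCode = code; return res; };
  res.json = (body) => { res.body = body; return res; };
  return res;
}

// Drives the middleware once and reports what happened.
async function runDemo(authorizationHeader) {
  const req = { headers: authorizationHeader ? { authorization: authorizationHeader } : {} };
  const res = fakeResponse();
  let nextCalled = false;
  await requireFirebaseAuth(fakeVerifyIdToken)(req, res, () => { nextCalled = true; });
  return { status: res.statusCode, nextCalled, auth: req.auth || null };
}
```

Claims read from the decoded token reflect the moment the token was issued; the `getUser` lookup in step 4 returns the claims currently stored on the user record.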