OAuth user login & Firebase Authentication #16
Comments
|
How should this interact with the current MongoDB login? Should the user visit localhost, enter the |
|
After looking into the current login system a bit more, I think the best option will be to just add a "Login with Google" button to the operator.html page. That way the current operator/robot communication and mapping stays intact, and we can access firebase code where necessary. I have run into a number of issues with the CSP, I think related to Issue #26, that prevent communication with firebase. It seems like |
|
I moved the database Once refactor has been merged into master, I'll generate a new API key so that the old one is invalid. I added a login entry to the lab wiki that has the contents of That should solve the security issue of anyone being able to write data to the firebase. I was not able to find an easy solution to the domain name issue. From what I can tell, there is no way to allow all domain names with the API key to write to firebase (or even just specific IP addresses, it has to be a proper website URL). I think that means that if Stretch is hosting the website, and we load the operator page from another computer, we won't be able to write to firebase at all. Is this a problem that we have run into before? This page contains all the firebase settings: https://console.firebase.google.com/u/0/project/stretchteleop/authentication/providers |
Currently users can operate the robot and are logged into Firebase as anonymous. However to remember a user's preferences over time and when they change browsers/computers, the interface needs to know who they are. For this the safest simplest thing to do is to have them "Login with Google" through OAuth. We have done this in the past, and the data visualization tool (in
shared/data.html) should have some code we can reuse for this.The text was updated successfully, but these errors were encountered: