how to refresh token with AngularFireAuth firebase

Question

I am using "@angular/fire/auth", AngularFireAuth library. I don't see the refresh token method. Is there a way to fresh token using firebase? getIdToken says it will refresh the token if expired but it does not

thanks

if ( AuthUtils.isTokenExpired(this.accessToken) )
{
    return of(false);
}


static isTokenExpired(token: string, offsetSeconds?: number): boolean
{
    // Return if there is no token
    if ( !token || token === '' )
    {
        return true;
    }

    const date = this._getTokenExpirationDate(token);

    offsetSeconds = offsetSeconds || 0;

    if ( date === null )
    {
        return true;
    }

    return !(date.valueOf() > new Date().valueOf() + offsetSeconds * 1000);
}

Was there ever a public refresh token method available in the Firebase Authentication SDK for JavaScript? I thought Firebase handles token refresh by itself. I know there is something like [getIdToken](https://firebase.google.com/docs/auth/admin/verify-id-tokens#retrieve_id_tokens_on_clients), which you can use to obtain custom claims from the frontend. But for refresh token method, I'm not sure. — Obum, Jul 17 '22 at 22:37

Mises · Answer 1 · 2022-07-18T05:41:37.870

0

Firebase by default have an expiration time of an hour. You can get it by getting a result of a token like bellow.

You don't need to refresh tokens by yourself. Firebase do itself automatically. Only when user need to make some crucial changes with his account, he needs to log in with password. For example, he needs to pass a password when he wants to delete an account.

Typescript example

async function getTokenRes() {
   const user = auth.currentUser
   const token = await user.getIdTokenResult()
   console.log(token.expirationTime)
}

And here you have an answer to how to set up your own tokens with expiration time you want: Firebase auth set custom expiration time for custom token

Edit

Here you have example how you can force to refresh token:

async function refreshToken() {
   const user = auth.currentUser
   const token = await user.getIdToken(true)
}

edited Jul 18 '22 at 05:41

answered Jul 18 '22 at 01:25

Mises

4,251
2
19
32

thanks for that but my question is how to refresh the token so that it won't log a user out after an hour when the user is still logged in. – wil Jul 18 '22 at 03:36
@wil This is automated, you won't get logged out. – Mises Jul 18 '22 at 03:44
@wil Edited answer so you know how Firebase works. – Mises Jul 18 '22 at 03:52
@wil With what technology you using it ? Web Swift ? – Mises Jul 18 '22 at 04:10
I am using angular - typescript. I check the token and log the user out based on expire on the token. Is that wrong?. added the snippet to my question for your review. – wil Jul 18 '22 at 04:11
Well, all you did with it is unless. Expiration time works on `serverTimestamp` not user machine timestamp. – Mises Jul 18 '22 at 04:17
do you know where I can find an example of how to do this? thanks for your help btw – wil Jul 18 '22 at 04:22
@wil Doing what ? Change expiration time you got a link below my answer. You need to do that on server side, no client side. Users can't change this by them slews. – Mises Jul 18 '22 at 04:42

how to refresh token with AngularFireAuth firebase

1 Answers1