问题
I have a problem with creating a communication between the external webpage and chrome extension. I suppose I need something like this.
- User tries to log in with login form on "example.com" using Firebase Auth (using google/Fb/email - password providers)
- If User logged in successfully, then the same credentials are sending to the chrome extension
- The extension calls signInWithCredential with taken credentials, and try to log in again
- If everything is ok, then User can work with firebase dB using context_script
But it's a proper way to do that? It's a secure solution to send credentials (for example email/password, tokens) from webpage to extension (even if I use runtime.sendMessage with extension id to send data only to specific extension)?
Currently, web app and extension authentication work separately. If the user login via web app, extension don't know about it and vice versa. I need to have communication like Grammarly or moz.com, where the user login via webpage and after that he won't need to log in via an extension to work with his account.
回答1:
Surely all you need to do is pass your authorization token (I guess this is stored in a cookie after login?) to the plugin and then make requests to your services using this following the Bearer syntax?
You can get it into the extension by writing it to chrome.storage when the user hits a specific page (A click on the extension could direct the user to that page if a token is not found or has expired), then set the token:
chrome.storage.sync.set({ access_token: sometoken }, function() {
console.log('Value is set to ' + sometoken);
});
来源:https://stackoverflow.com/questions/60833658/how-to-communicate-firebase-webapp-with-chrome-extension-to-avoid-double-login