Перейти к консоли

firebase_admin.auth module

Firebase Authentication module.

This module contains functions for minting and verifying JWTs used for authenticating against Firebase services. It also provides functions for creating and managing user accounts in Firebase projects.

Exceptions

exception firebase_admin.auth.AuthError(code, message, error=None)

Bases: exceptions.Exception

Represents an Exception encountered while invoking the Firebase auth API.

Classes

class firebase_admin.auth.ActionCodeSettings(url, handle_code_in_app=None, dynamic_link_domain=None, ios_bundle_id=None, android_package_name=None, android_install_app=None, android_minimum_version=None)

Bases: object

Contains required continue/state URL with optional Android and iOS settings. Used when invoking the email action link generation APIs.

class firebase_admin.auth.ErrorInfo(error)

Bases: object

Represents an error encountered while importing an ImportUserRecord.

index
reason
class firebase_admin.auth.ExportedUserRecord(data)

Bases: firebase_admin._user_mgt.UserRecord

Contains metadata associated with a user including password hash and salt.

password_hash

The user’s password hash as a base64-encoded string.

If the Firebase Auth hashing algorithm (SCRYPT) was used to create the user account, this is the base64-encoded password hash of the user. If a different hashing algorithm was used to create this user, as is typical when migrating from another Auth system, this is an empty string. If no password is set, this is None.

password_salt

The user’s password salt as a base64-encoded string.

If the Firebase Auth hashing algorithm (SCRYPT) was used to create the user account, this is the base64-encoded password salt of the user. If a different hashing algorithm was used to create this user, as is typical when migrating from another Auth system, this is an empty string. If no password is set, this is None.

class firebase_admin.auth.ImportUserRecord(uid, email=None, email_verified=None, display_name=None, phone_number=None, photo_url=None, disabled=None, user_metadata=None, provider_data=None, custom_claims=None, password_hash=None, password_salt=None)

Bases: object

Represents a user account to be imported to Firebase Auth.

Must specify the uid field at a minimum. A sequence of ImportUserRecord objects can be passed to the auth.import_users() function, in order to import those users into Firebase Auth in bulk. If the password_hash is set on a user, a hash configuration must be specified when calling import_users().

Parameters:
  • uid – User’s unique ID. Must be a non-empty string not longer than 128 characters.
  • email – User’s email address (optional).
  • email_verified – A boolean indicating whether the user’s email has been verified (optional).
  • display_name – User’s display name (optional).
  • phone_number – User’s phone number (optional).
  • photo_url – User’s photo URL (optional).
  • disabled – A boolean indicating whether this user account has been disabled (optional).
  • user_metadata – An auth.UserMetadata instance with additional user metadata (optional).
  • provider_data – A list of auth.UserProvider instances (optional).
  • custom_claims – A dict of custom claims to be set on the user account (optional).
  • password_hash – User’s password hash as a bytes sequence (optional).
  • password_salt – User’s password salt as a bytes sequence (optional).
Raises:

ValueError – If provided arguments are invalid.

to_dict()

Returns a dict representation of the user. For internal use only.

custom_claims
display_name
email
password_hash
password_salt
phone_number
photo_url
provider_data
uid
user_metadata
class firebase_admin.auth.ListUsersPage(download, page_token, max_results)

Bases: object

Represents a page of user records exported from a Firebase project.

Provides methods for traversing the user accounts included in this page, as well as retrieving subsequent pages of users. The iterator returned by iterate_all() can be used to iterate through all users in the Firebase project starting from this page.

get_next_page()

Retrieves the next page of user accounts, if available.

Returns:Next page of users, or None if this is the last page.
Return type:ListUsersPage
iterate_all()

Retrieves an iterator for user accounts.

Returned iterator will iterate through all the user accounts in the Firebase project starting from this page. The iterator will never buffer more than one page of users in memory at a time.

Returns:An iterator of ExportedUserRecord instances.
Return type:iterator
has_next_page

A boolean indicating whether more pages are available.

next_page_token

Page token string for the next page (empty string indicates no more pages).

users

A list of ExportedUserRecord instances available in this page.

class firebase_admin.auth.UserImportHash(name, data=None)

Bases: object

Represents a hash algorithm used to hash user passwords.

An instance of this class must be specified when importing users with passwords via the auth.import_users() API. Use one of the provided class methods to obtain new instances when required. Refer to documentation for more details.

classmethod bcrypt()

Creates a new Bcrypt algorithm instance.

Returns:A new UserImportHash.
Return type:UserImportHash
classmethod hmac_md5(key)

Creates a new HMAC MD5 algorithm instance.

Parameters:key – Signer key as a byte sequence.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod hmac_sha1(key)

Creates a new HMAC SHA1 algorithm instance.

Parameters:key – Signer key as a byte sequence.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod hmac_sha256(key)

Creates a new HMAC SHA256 algorithm instance.

Parameters:key – Signer key as a byte sequence.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod hmac_sha512(key)

Creates a new HMAC SHA512 algorithm instance.

Parameters:key – Signer key as a byte sequence.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod md5(rounds)

Creates a new MD5 algorithm instance.

Parameters:rounds – Number of rounds. Must be an integer between 0 and 120000.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod pbkdf2_sha256(rounds)

Creates a new PBKDF2 SHA256 algorithm instance.

Parameters:rounds – Number of rounds. Must be an integer between 0 and 120000.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod pbkdf_sha1(rounds)

Creates a new PBKDF SHA1 algorithm instance.

Parameters:rounds – Number of rounds. Must be an integer between 0 and 120000.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod scrypt(key, rounds, memory_cost, salt_separator=None)

Creates a new Scrypt algorithm instance.

This is the modified Scrypt algorithm used by Firebase Auth. See standard_scrypt() function for the standard Scrypt algorith,

Parameters:
  • key – Signer key as a byte sequence.
  • rounds – Number of rounds. Must be an integer between 1 and 8.
  • memory_cost – Memory cost as an integer between 1 and 14.
  • salt_separator – Salt separator as a byte sequence (optional).
Returns:

A new UserImportHash.

Return type:

UserImportHash

classmethod sha1(rounds)

Creates a new SHA1 algorithm instance.

Parameters:rounds – Number of rounds. Must be an integer between 0 and 120000.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod sha256(rounds)

Creates a new SHA256 algorithm instance.

Parameters:rounds – Number of rounds. Must be an integer between 0 and 120000.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod sha512(rounds)

Creates a new SHA512 algorithm instance.

Parameters:rounds – Number of rounds. Must be an integer between 0 and 120000.
Returns:A new UserImportHash.
Return type:UserImportHash
classmethod standard_scrypt(memory_cost, parallelization, block_size, derived_key_length)

Creates a new standard Scrypt algorithm instance.

Parameters:
  • memory_cost – Memory cost as a non-negaive integer.
  • parallelization – Parallelization as a non-negative integer.
  • block_size – Block size as a non-negative integer.
  • derived_key_length – Derived key length as a non-negative integer.
Returns:

A new UserImportHash.

Return type:

UserImportHash

to_dict()
class firebase_admin.auth.UserImportResult(result, total)

Bases: object

Represents the result of a bulk user import operation.

See auth.import_users() API for more details.

errors

Returns a list of auth.ErrorInfo instances describing the errors encountered.

failure_count

Returns the number of users that failed to be imported.

success_count

Returns the number of users successfully imported.

class firebase_admin.auth.UserInfo

Bases: object

A collection of standard profile information for a user.

Used to expose profile information returned by an identity provider.

display_name

Returns the display name of this user.

email

Returns the email address associated with this user.

phone_number

Returns the phone number associated with this user.

photo_url

Returns the photo URL of this user.

provider_id

Returns the ID of the identity provider.

This can be a short domain name (e.g. google.com), or the identity of an OpenID identity provider.

uid

Returns the user ID of this user.

class firebase_admin.auth.UserMetadata(creation_timestamp=None, last_sign_in_timestamp=None)

Bases: object

Contains additional metadata associated with a user account.

creation_timestamp

Creation timestamp in milliseconds since the epoch.

Returns:The user creation timestamp in milliseconds since the epoch.
Return type:integer
last_sign_in_timestamp

Last sign in timestamp in milliseconds since the epoch.

Returns:The last sign in timestamp in milliseconds since the epoch.
Return type:integer
class firebase_admin.auth.UserProvider(uid, provider_id, email=None, display_name=None, photo_url=None)

Bases: object

Represents a user identity provider that can be associated with a Firebase user.

One or more providers can be specified in an ImportUserRecord when importing users via auth.import_users().