Username password auth

[beaspider]

I have a use case where I need to authenticate with a username/password from a 3rd party system.
I have added an example username-password-auth

[googlebot]

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed, please reply here (e.g. I signed it!) and we'll verify. Thanks.

---

• If you've already signed a CLA, it's possible we don't have your GitHub username or you're using a different email address. Check your existing CLA data and verify that your email is set on your git commits.
• If you signed the CLA as a corporation, please let us know the company's name.

[beaspider]

Have signed the CLA :)

[googlebot]

CLAs look good, thanks!

[nicolasgarnier]

Great idea for a sample! Some comments

[nicolasgarnier]

Indent here is 4 space. Switch to two like the rest of the file (and the other samples) :)

[nicolasgarnier]

The rest of the file also has a bunch of 4 space indents :) please fix

[nicolasgarnier]

I think that OPTIONS requests are already taken care of by the cors middleware. Probably you can remove this check.

[nicolasgarnier]

Make sure you use single quotes everywhere for Strings and ctually here you could use String interpolation:

const url = `https://httpbin.org/basic-auth/${username}/Testing123`;

[nicolasgarnier]

Could you add i the comment here that the request expects a username and password values to be passed in the body of the request?

[nicolasgarnier]

Most (or all) of the let in here could be const could you make the switch?

[nicolasgarnier]

Could you move the part where you do the Basic auth check in a separate method? Because this will be the part that developers will need to adapt if they want to use this in their own system so it's better in tis own function. And make sure to add a TODO like:

// TODO(DEVELOPER): In production you'll need to update this method so that it sends a Basic auth request to your own credentials system.

[nicolasgarnier]

Actually you don't need to update the user here since we're not adding any information here (email, profile pic etc...) so you can just go ahead and generate the custom token and voila. That's because using a custom token on the client will automatically create the Firebase account if it does not exist.

Basically change the whole method by:

function createFirebaseAccount(uid) { // Create a Firebase custom auth token. const token = admin.auth().createCustomToken(uid); console.log('Created Custom token for UID "', uid, '" Token:', token); return token; }

[nicolasgarnier]

Add newline at the end of the file :)

[nicolasgarnier]

I don't think this file is used. remove it? The one that is being served is the main.css in the public directory.

[nicolasgarnier]

Can you use single quotes for Strings in JavaScrip in the whole file?

[beaspider]

I have completed all the requested changes + added some extra error handling :)

[nicolasgarnier]

Looks good, thanks so much @beaspider !