Many projects would at some point require a mobile-id centralized login instead of email as a primary username.
In many projects nowadays, users are less willing to login with email and more willing to register with phone-numbers.
I know its possible to build vanity-logins through mapping the login form so that it fetches the useremail and logs in with that as a hidden field. But I guess this is not very optimal.
I understand that its possible to set-up your own oauth server but this seems pretty complex and not very user friendly at userlogin (oauth strategy via external weburl).
After some research throughout the firebase documentation it seems that with a serverside script you could issue auth-tokens.
My idea for how to solve this in bubble:
Userid and password(hashed) is stored in bubbles firebase db, alongside with the rights assigned for each user.
The login form from bubble frontend does an ajax request to a bubble-serverside script whom has full access rights to the usertable in firebase. After validating correct phonenumber and password with db, the serverside script fetches the roles/rules and generates a new auth token whom is passed through ajax to frontend-client, and from there it is appended as an auth-token to the browser (in cookie or localstorage). The view can now make valid firebase calls.
https://www.firebase.com/docs/security/api/rule/auth.html
(Pardon me if not described well, but very very tired right now and just wanna sleeep…)
Any ideas to how one should solve this if done myself, eventually how could Bubble solve it for the users? Let me know if there is any NodeJSers here that wanna play around with this in the Bubble chat!