I am working on refactoring my backend to use Google Cloud Functions. I have deployed a function and am trying to test it from my localhost.
I am getting a 403 error. I followed the steps here (403 Response from Google Cloud Functions) to allow public access, but I still get a 403.
The function does require header credentials which I believe I am passing in properly:
// Send the Firebase ID token to the deployed function as a JSON body.
// The only headers set here are Accept and Content-Type; no Authorization
// header is attached, so the token reaches the function solely via the body.
const sessionEndpoint = `${process.env.REACT_APP_API_URL}/function-1`;
const requestConfig = {
  headers: {
    Accept: "application/json",
    "Content-Type": "application/json",
  },
  // Include cookies on this cross-origin call and let the browser store any
  // Set-Cookie from the response. For that to work the server has to answer
  // with Access-Control-Allow-Credentials: true and an explicit (non-wildcard)
  // Access-Control-Allow-Origin; otherwise the browser blocks the response.
  withCredentials: true,
};
const response = await axios.post(sessionEndpoint, { idToken }, requestConfig);
I can’t find any other resources to debug a 403 other than those detailing how to add the public invoker permission.
My cloud function looks like:
import firebase_admin
from firebase_admin import credentials, auth, exceptions
from firebase_admin import storage
from firebase_admin import firestore
from google.cloud.firestore import FieldFilter
from fastapi import FastAPI, Request, HTTPException, APIRouter
# @app.post('/session_login')
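async def session_login(request: Request):
    """Exchange a Firebase ID token for a session cookie and return the customer record.

    The JSON body must contain ``idToken``. The token is verified, the sign-in
    must be at most five minutes old, and a 10-day session cookie is then
    minted. The matching document in the ``customers`` collection is looked up
    by ``user_id`` and created with default values when none exists.

    Args:
        request: Incoming request whose JSON body carries ``idToken``.

    Returns:
        A ``JSONResponse`` with ``status`` and ``user_data``, carrying the
        ``session`` cookie.

    Raises:
        HTTPException: 400 when ``idToken`` is missing or not a string; 401
            when the token is invalid, the sign-in is not recent, or a
            Firebase error occurs.
    """
    data = await request.json()
    id_token = data.get('idToken') if isinstance(data, dict) else None
    if not isinstance(id_token, str) or not id_token:
        # Reject a malformed body up front instead of failing with a 500.
        raise HTTPException(status_code=400, detail='Missing idToken')

    try:
        decoded_claims = auth.verify_id_token(id_token)

        # Compare against 'auth_time' (when the user actually signed in).
        # 'exp' lies in the future for every token that passed verification,
        # so checking it let any valid token through, however old the sign-in.
        # Requiring a recent sign-in limits the value of a stolen ID token.
        if time.time() - decoded_claims['auth_time'] >= 5 * 60:
            raise HTTPException(status_code=401, detail='Recent sign in required')

        expires_in = timedelta(days=10)
        max_age = int(expires_in.total_seconds())
        session_cookie = auth.create_session_cookie(id_token, expires_in=expires_in)

        # 'email' is not present for every sign-in provider (e.g. anonymous).
        email = decoded_claims.get('email')
        uid = decoded_claims['uid']

        # Get a reference to the Firestore database
        db = firestore.client()

        # Query the user document by user_id
        user_ref = db.collection("customers").where(filter=FieldFilter("user_id", "==", uid))
        user_docs = user_ref.get()

        if user_docs:
            user_data = user_docs[0].to_dict()
        else:
            # If user document doesn't exist, create it with initial credits.
            # NOTE(review): query-then-add is not atomic; two concurrent first
            # logins could presumably create two documents for one uid.
            new_user_data = {
                'email': email,
                'user_id': uid,
                'credits': 50,
                'current_subscription_tier': 'Free'
            }
            db.collection("customers").add(new_user_data)
            user_data = new_user_data

        # NOTE(review): the whole customer document is returned to the client;
        # confirm it holds no fields that should stay server-side.
        response = JSONResponse({'status': 'success', 'user_data': user_data})

        # set_cookie expects 'expires' as a datetime, a string or a number of
        # seconds, not a timedelta, so pass the lifetime in seconds for both.
        # SameSite=None means the browser attaches this cookie to cross-site
        # requests, so endpoints that trust it need their own CSRF protection.
        response.set_cookie(
            'session', session_cookie, expires=max_age, max_age=max_age,
            path="/", samesite='None', secure=True, httponly=True)
        return response
    except auth.InvalidIdTokenError:
        raise HTTPException(status_code=401, detail='Invalid ID token')
    except exceptions.FirebaseError:
        raise HTTPException(status_code=401, detail='Failed to create a session cookie')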