We are migrating users into Firebase Auth from an external database using password hashed with SHA256.
We currently try from firebase_admin import auth to import the users. We are able to import an example user, but not able to login with the user (wrong password).
Here are the minimal code snippets to reproduce the issue.
- We use a user as an example
- We use sha256 to hash password
- Run
import_users_to_firebase() - Try to login with the example user -> invalid password
`
def hash_password(raw_password):
import base64
import hashlib
algo = hashlib.sha256()
algo.update(raw_password)
return base64.b64encode(algo.digest())
def create_mock_user_data():
email = '[email protected]'
password = '[email protected]'
password_hash = hash_password(password)
print 'password_hash: {}'.format(password_hash)
return email, password_hash
def import_users_to_firebase():
mock_email, mock_password_hash = create_mock_user_data()
users = [
auth.ImportUserRecord(
uid='someuid',
display_name='Test example',
email=mock_email,
email_verified=False,
password_hash=b'{}'.format(mock_password_hash),
),
# users list can contain up to 1000 records
]
hash_alg = auth.UserImportHash.sha256(rounds=0)
result = auth.import_users(users, hash_alg=hash_alg)
print('Successfully imported {0} users. Failed to import {1} users.'.format(
result.success_count, result.failure_count))
for err in result.errors:
print('Failed to import {0} due to {1}'.format(
users[err.index].uid, err.reason))
`
Am I missing something or misunderstanding something here?
Is there a way that I can check the password_hash is imported correctly? Or is there a way that I can config which hashing algorithm Firebase is using so that the imported password would match the example user login?
