7

I'm working on a chrome extension and trying to implement an authentication method (firebase). I'm confused by what has to go where, since the popup.html doesn't allow inline script, it makes it a bit more difficult. As far as I see this there are 2 options:

  1. Call external page (hosted by me) from the extension, open in new tab, handle login there. But in this case, how does the extension communicate with the login page? Cookies? I need the confirmation inside my popup.js

  2. Try to handle Email/Password login in Chrome extension popup, which seems more complicated. I always violate the Content Security Policy, bit annoying. I tried this already, problem is once you close the popup, it looses the login state.

I researched already a lot, but there is no real good example so far, and other questions are barely answered. Thanks!

ffritz
  • 2,180
  • 1
  • 28
  • 64
  • What about using [chrome.identity](https://developer.chrome.com/extensions/identity) in the background script sending [messages](https://developer.chrome.com/extensions/messaging) from the popup? – Iván Nokonoko Jun 10 '16 at 19:12
  • This might work for OAuth applications such as Facebook right? I'm trying to implement the native Firebase login. – ffritz Jun 11 '16 at 12:30

1 Answers1

7

You could try to have the login/password input boxes in the popup but run the actual login code in the background page. You can do that sending a message from the popup to the background page or directly from the popup using something like:

popup.html:

<input type="text" id="email">
<input type="password" id="password">

popup.js:

var email = document.getElementById("email").value;
var password = document.getElementById("password").value;

chrome.runtime.getBackgroundPage(function(bgPage){
    bgPage.performFirebaseLoginWithEmailAndPassword(email,password);
});

Since the background page is always on, the login state should be preserved when the popup is closed.

Iván Nokonoko
  • 4,888
  • 2
  • 19
  • 27
  • So yes, I think this works, eventhough it leads to another error, but this doesn't seem to be related to this, but rather seems like a security issue, I opened a new question: http://stackoverflow.com/questions/37764706/ – ffritz Jun 12 '16 at 15:04
  • @iván-nokonoko I have created a chrome extension to use as a convenient way to access an internal collaboration tool used within our team. In that extension I have a login form inside a popup and the login works fine. But if I close popup and leave it closed for some time, it appears to loose the session. When I open the popup after that I have to login again. Any idea what this happens? Is it because I don't have a background page? I have all login code inside popup itself. – rineez Aug 24 '17 at 11:09