![Malicious npm Package Typosquats react-login-page to Deploy Keylogger](https://cdn.sanity.io/images/cgdhsj6q/production/007b21d9cf9e03ae0bb3f577d1bd59b9d715645a-1024x1024.webp?w=400&fit=max&auto=format)
Research
Security News
Malicious npm Package Typosquats react-login-page to Deploy Keylogger
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
firebase-admin
Advanced tools
Package description
The firebase-admin npm package is a server-side library that allows Node.js applications to interact with Firebase services such as Firestore, Firebase Realtime Database, Firebase Authentication, and Firebase Cloud Messaging. It provides administrative privileges to perform operations like creating and managing users, setting security rules, and accessing database services programmatically.
Authentication
This feature allows you to create and manage users in Firebase Authentication. The code sample demonstrates how to create a new user with specific attributes.
admin.auth().createUser({
email: 'user@example.com',
emailVerified: false,
password: 'secretPassword',
displayName: 'John Doe',
photoURL: 'http://www.example.com/12345678/photo.png',
disabled: false
})
.then(function(userRecord) {
console.log('Successfully created new user:', userRecord.uid);
})
.catch(function(error) {
console.log('Error creating new user:', error);
});
Database
This feature enables you to interact with Firestore, a NoSQL database. The code sample shows how to add a new document to a collection in Firestore.
var db = admin.firestore();
var docRef = db.collection('users').doc('alovelace');
var setAda = docRef.set({
first: 'Ada',
last: 'Lovelace',
born: 1815
});
Realtime Database
This feature allows you to interact with Firebase Realtime Database. The code sample demonstrates how to set data in the database.
var db = admin.database();
var ref = db.ref('server/saving-data/fireblog');
var usersRef = ref.child('users');
usersRef.set({
alanisawesome: {
date_of_birth: 'June 23, 1912',
full_name: 'Alan Turing'
},
gracehop: {
date_of_birth: 'December 9, 1906',
full_name: 'Grace Hopper'
}
});
Cloud Messaging
This feature is used to send notifications and messages to users through Firebase Cloud Messaging. The code sample illustrates how to send a message to a device with a specific registration token.
var registrationToken = 'YOUR_REGISTRATION_TOKEN';
var message = {
data: {
score: '850',
time: '2:45'
},
token: registrationToken
};
admin.messaging().send(message)
.then((response) => {
console.log('Successfully sent message:', response);
})
.catch((error) => {
console.log('Error sending message:', error);
});
Parse Server is an open-source version of the Parse backend that can be deployed to any infrastructure that can run Node.js. It provides functionalities similar to Firebase, such as user authentication, database operations, and push notifications. Compared to firebase-admin, Parse Server is self-hosted and offers more flexibility in terms of infrastructure.
The AWS SDK for JavaScript allows developers to interact with AWS services such as DynamoDB, Cognito for authentication, and SNS for notifications. While it provides similar functionalities, it is part of the broader AWS ecosystem and requires more setup and management compared to firebase-admin, which is more focused on ease of use and rapid development.
The Azure SDK for JavaScript enables interaction with Azure services like Azure Cosmos DB, Azure Active Directory for authentication, and Azure Notification Hubs for messaging. Similar to AWS SDK, it is part of a larger cloud platform and offers extensive services beyond what firebase-admin provides, but with potentially more complexity in setup and management.
Readme
Programmatically instantiate and modify Firebase instances.
For automated testing, mostly.
npm install --save firebase-admin
var FirebaseAccount = require('firebase-admin');
var Firebase = require('firebase');
FirebaseAccount.getToken('user', 'pass')
.then(function(token) {
var account = new FirebaseAccount(token);
account.createDatabase('new-instance-name')
.then(function(instance) {
var fb = new Firebase(instance.toString());
})
.catch(function(err) {
console.error('Oops, error creating instance:', err);
});
});
There's JSDoc-generated API documentation.
git clone https://github.com/casetext/firebase-admin
cd firebase-admin
npm install
npm test
Please jshint
. That is all.
Big whoop, wanna fight about it?
FAQs
Unknown package
We found that firebase-admin demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket researchers unpack a typosquatting package with malicious code that logs keystrokes and exfiltrates sensitive data to a remote server.
Security News
The JavaScript community has launched the e18e initiative to improve ecosystem performance by cleaning up dependency trees, speeding up critical parts of the ecosystem, and documenting lighter alternatives to established tools.
Product
Socket now supports four distinct alert actions instead of the previous two, and alert triaging allows users to override the actions taken for all individual alerts.