MondoKit GCP Firebase Auth
Use GCP Firebase Auth to authenticate your users
Note:
@mondokitlibs all require ESM. If your project still uses CommonJS, then you can continue using our previous incarnation, gae-js, until you can make the upgrade.
Find the source code at gcp-firebase-auth on GitHub.
Installation
npm install @mondokit/gcp-firebase-auth
Usage
The verifyFirebaseUser middleware will inspect the request headers and if an Authorization header with a Bearer token is found it is validated as a Firebase Auth token. For a valid user the details are mapped into a local BaseUser instance and set into request storage for use downstream.
e.g.
Step 1: Initialise Firebase Auth and apply middleware
// Add firebase auth support
const firebaseAdmin = admin.initializeApp({ projectId: config.projectId });
app.use(verifyFirebaseUser(firebaseAdmin));
Step 2: Access user info or apply guard middleware
import { requiresRole } from "./requires-role";
// Adhoc access
app.user("/endpoint1", (req, res) => {
const user = userRequestStorage.get();
res.send(user ? "Logged in" : "No user found")
})
// requiresUser guard will throw if no user found
app.get(
"/roles",
requiresUser(),
asyncHandler(async (req: Request, res: Response) => {
const user = userRequestStorage.get();
res.send(`You have roles ${user.roles}`);
})
);
// requiresRole guard will throw if no user or user does not have the specified role
app.put(
"/roles",
requiresRole("ADMIN"),
asyncHandler(async (req: Request, res: Response) => {
const user = userRequestStorage.get();
const { body } = req;
await admin.auth().setCustomUserClaims(user.id, { roles: body.roles });
res.send(`User now has roles ${body.roles}`);
})
);