JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 21
  • Score
    100M100P100Q46172F
  • License ISC

A higher order function that decodes a Firebase Auth JWT and decorates the NextJS api request object with a Firebase user

Package Exports

  • with-firebase-user

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (with-firebase-user) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

use-firebase-user (wip)

A higher order function that decodes a Firebase Auth JWT and decorates the NextJS API request object with a Firebase user.

Warning

This software is currently experimental as I haven't written any tests or validated it in production for any period of time. I have only briefly tested it during the development of a project I am working on.

Introduction

I wanted to use Firebase Auth to authenticate and secure routes in my NextJS API.

The Problem

  • Unable to add middleware to express middleware chain for NextJS API routes.
  • Don't want to add the large Firebase Admin library for light weight serverless functions on Vercel.

My Solution

  • Follow the Verify ID Tokens using a third party JWT library instructions from the firebase auth docs to securely verify and decode the JWT.
  • Write a higher order function to decorate the NextJS request object with authenticated Firebase user data.

Installation

npm i --save with-firebase-user

or

yarn add with-firebase-user

Configure Caching on Vercel

This library attempts to cache the public keys that the Firebase Auth JWT's are signed with. To do this you need to add some configuration to your Vercel project to be able to read/write the file system. Here is the documentation for how this works: How can I use files in serverless functions. By default the library uses a file called cachedPublicKeys.json.

Usage

Pass your NextJS handler to withFirebaseUser and it will add the authenticated user to the request object user key.

import { withFirebaseUser } from 'with-firebase-user';

const handler = async (req, res) => {
  res.send(req.user);
};

export default withFirebaseUser(handler);

Make sure to add your JWT to the request headers on the client.

fetch('/api/users', {
  headers: {
    Authorization: 'Bearer <JWT>',
  },
});

API

const withFirebaseUser: (
  handler: (
    req: NextApiRequestWithFirebaseUser,
    res: NextApiResponse
  ) => Promise<void>,
  options?: WithFirebaseUserOptions | undefined
) => (req: NextApiRequest, res: NextApiResponse) => Promise<void>;

WithFirebaseUserOptions (passed as a second argument to withFirebaseUser function)

interface WithFirebaseUserOptions {
  cacheFilename?: string; // defaults to `cachedPublicKeys.json`
  projectId?: string; // verifies the audience and issuer of the JWT when provided
}

FirebaseUser added to request

export interface FirebaseUser {
  name?: string;
  user_id: string;
  email?: string;
  email_verified?: boolean;
}

Contributing

If you decide to use this library and find any issues please open a new issue reporting the bug. If you'd like to contribute some code, open a PR! :) Thanks