Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@honojs/firebase-auth

Package Overview
Dependencies
Maintainers
3
Versions
3
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@honojs/firebase-auth

A third-party firebase auth middleware for Hono

  • 1.0.2
  • latest
  • Source
  • npm
  • Socket score

Version published
Maintainers
3
Created
Source

Hono Firebase Auth middleware for Cloudflare Workers.

Moving

Firebase Auth Middleware @honojs/firebase-auth is renamed to @hono/firebase-auth. @honojs/firebase-auth is not maintained, please use @hono/firebase-auth. Also, for Deno, you can use import with npm: prefix like npm:@hono/firebase-auth.


This is a Firebase Auth middleware library for Hono which is used firebase-auth-cloudflare-workers.

Currently only Cloudflare Workers are supported officially. However, it may work in other environments as well, so please let us know in an issue if it works.

Synopsis

Module Worker Syntax (recommend)

import { Hono } from "hono";
import { VerifyFirebaseAuthConfig, VerifyFirebaseAuthEnv, verifyFirebaseAuth, getFirebaseToken } from "@hono/firebase-auth";

const config: VerifyFirebaseAuthConfig = {
  // specify your firebase project ID.
  projectId: "your-project-id",
}

// Or you can specify here the extended VerifyFirebaseAuthEnv type.
const app = new Hono<{ Bindings: VerifyFirebaseAuthEnv }>()

// set middleware
app.use("*", verifyFirebaseAuth(config));
app.get("/hello", (c) => {
  const idToken = getFirebaseToken(c) // get id-token object.
  return c.json(idToken)
});

export default app

Service Worker Syntax

import { Hono } from "hono";
import { VerifyFirebaseAuthConfig, verifyFirebaseAuth, getFirebaseToken } from "@hono/firebase-auth";

const config: VerifyFirebaseAuthConfig = {
  // specify your firebase project ID.
  projectId: "your-project-id",
  // this is optional. but required in this mode.
  keyStore: WorkersKVStoreSingle.getOrInitialize(
    PUBLIC_JWK_CACHE_KEY,
    PUBLIC_JWK_CACHE_KV
  ),
  // this is also optional. But in this mode, you can only specify here.
  firebaseEmulatorHost: FIREBASE_AUTH_EMULATOR_HOST,
}

const app = new Hono()

// set middleware
app.use("*", verifyFirebaseAuth(config));
app.get("/hello", (c) => {
  const idToken = getFirebaseToken(c) // get id-token object.
  return c.json(idToken)
});

app.fire()

Config (VerifyFirebaseAuthConfig)

projectId: string (required)

This field indicates your firebase project ID.

authorizationHeaderKey?: string (optional)

Based on this configuration, the JWT created by firebase auth is looked for in the HTTP headers. The default is "Authorization".

keyStore?: KeyStorer (optional)

This is used to cache the public key used to validate the Firebase ID token (JWT). This KeyStorer type has been defined in firebase-auth-cloudflare-workers library.

If you don't specify the field, this library uses WorkersKVStoreSingle instead. You must fill in the fields defined in VerifyFirebaseAuthEnv.

keyStoreInitializer?: (c: Context) => KeyStorer (optional)

Use this when initializing KeyStorer and environment variables, etc. are required.

If you don't specify the field, this library uses WorkersKVStoreSingle instead. You must fill in the fields defined in VerifyFirebaseAuthEnv.

disableErrorLog?: boolean (optional)

Throws an exception if JWT validation fails. By default, this is output to the error log, but if you don't expect it, use this.

firebaseEmulatorHost?: string (optional)

You can specify a host for the Firebase Auth emulator. This config is mainly used when Service Worker Syntax is used.

If not specified, check the FIREBASE_AUTH_EMULATOR_HOST environment variable obtained from the request.

Author

codehex https://github.com/Code-Hex

License

MIT

Contribution

If you are interested, send me PR would be greatly appreciated!

To test this code in your local environment, execute the following command.

$ yarn test-with-emulator

FAQs

Package last updated on 04 Feb 2023

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc