Socket
Socket
Sign inDemoInstall

@redwoodjs/auth-firebase-api

Package Overview
Dependencies
210
Maintainers
7
Versions
2430
Alerts
File Explorer

Advanced tools

npm Scripts

Install Socket

Detect and block malicious and high-risk dependencies

Install

    @redwoodjs/auth-firebase-api

## Contributing

Version published
Weekly downloads
18K
increased by4.67%
Maintainers
7
Created
Weekly downloads
 

Readme

Source

Authentication

Contributing

If you want to contribute a new auth provider integration we recommend you start by implementing it as a custom auth provider in a Redwood App first. When that works you can package it up as an npm package and publish it on your own. You can then create a PR on this repo with support for your new auth provider in our yarn rw setup auth cli command. The easiest option is probably to just look at one of the existing auth providers in packages/cli/src/commands/setup/auth/providers and the corresponding templates in ../templates.

If you need help setting up a custom auth provider there's more info in the auth docs.

Contributing to the base auth implementation

If you want to contribute to our auth implementation, the interface towards both auth service providers and RW apps we recommend you start looking in authFactory.ts and then continue to AuthProvider.tsx. AuthProvider.tsx has most of our implementation together with all the custom hooks it uses. Another file to be accustomed with is AuthContext.ts. The interface in there has pretty good code comments, and is what will be exposed to RW apps.

getCurrentUser

getCurrentUser returns the user information together with an optional collection of roles used by requireAuth() to check if the user is authenticated or has role-based access.

Use in conjunction with requireAuth in your services to check that a user is logged in, whether or not they are assigned a role, and optionally raise an error if they're not.

@param decoded - The decoded access token containing user info and JWT claims like `sub`
@param { token, SupportedAuthTypes type } - The access token itself as well as the auth provider type
@param { APIGatewayEvent event, Context context } - An object which contains information from the invoker
such as headers and cookies, and the context information about the invocation such as IP Address

Examples

Checks if currentUser is authenticated

This example is the standard use of getCurrentUser.

export const getCurrentUser = async (decoded, { _token, _type }, { _event, _context }) => {
  return { ...decoded, roles: parseJWT({ decoded }).roles }
}
User details fetched via database query
export const getCurrentUser = async (decoded) => {
  return await db.user.findUnique({ where: { decoded.email } })
}
User info is decoded from the access token
export const getCurrentUser = async (decoded) => {
  return { ...decoded }
}
User info is contained in the decoded token and roles extracted
export const getCurrentUser = async (decoded) => {
  return { ...decoded, roles: parseJWT({ decoded }).roles }
}
User record query by email with namespaced app_metadata roles as Auth0 requires custom JWT claims to be namespaced
export const getCurrentUser = async (decoded) => {
  const currentUser = await db.user.findUnique({ where: { email: decoded.email } })

  return {
    ...currentUser,
    roles: parseJWT({ decoded: decoded, namespace: NAMESPACE }).roles,
  }
}
User record query by an identity with app_metadata roles
const getCurrentUser = async (decoded) => {
  const currentUser = await db.user.findUnique({ where: { userIdentity: decoded.sub } })
  return {
    ...currentUser,
    roles: parseJWT({ decoded: decoded }).roles,
  }
}
Cookies and other request information are available in the req parameter, just in case
const getCurrentUser = async (_decoded, _raw, { event, _context }) => {
  const cookies = cookie(event.headers.cookies)
  const session = cookies['my.cookie.name']
  const currentUser = await db.sessions.findUnique({ where: { id: session } })
  return currentUser
}

requireAuth

Use requireAuth in your services to check that a user is logged in, whether or not they are assigned a role, and optionally raise an error if they're not.

@param {string=} roles - An optional role or list of roles
@param {string[]=} roles - An optional list of roles

@returns {boolean} - If the currentUser is authenticated (and assigned one of the given roles)

@throws {AuthenticationError} - If the currentUser is not authenticated
@throws {ForbiddenError} If the currentUser is not allowed due to role permissions

Examples

Checks if currentUser is authenticated
requireAuth()
Checks if currentUser is authenticated and assigned one of the given roles
 requireAuth({ role: 'admin' })
 requireAuth({ role: ['editor', 'author'] })
 requireAuth({ role: ['publisher'] })

FAQs

Last updated on 23 Apr 2024

Did you know?

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

The AI Advantage: Reshaping Cybersecurity in the Age of Autonomous Threats

Security News

The AI Advantage: Reshaping Cybersecurity in the Age of Autonomous Threats

As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.

By Sarah Gooding  -  Apr 25, 2024
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap

About

Packages

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc