firebase-lite

Firebase Lite

Tiny modular Firebase library

Refactored from firebase-auth-lite

Reason for this lib

What Firebase does is great. How it does it is sometimes not so great.

The two main issues I always run into when using Firebase is that their client-side libraries, even the new tree-shakeable modular v9 ones, are big and seem bloated. This means your site is going to be slower to load and have worse Lighthouse scores which carry over into SEO metrics. Also, Firebase auth has become the source of many auth-related user issues. From "oh no, they signed in with Google so now they can't sign-in with facebook again unless you perform a ritual" to plain old "oh no, they have a new iOS device so you now have to customize how auth loads to make it work at all". Even when it works, it does crazy things such as loading another 270Kb iframe on mobile devices.

All this was maybe acceptable (was it really though? tolerated perhaps ...) in the time of "Single Page App All The Things!" but with the resurgence in Multi Page Apps, it's way too much to load and then re-load on each and every page request.

Even for a SPA, I'd prefer the majority of my app code to be my own app, not just the bit that tells me who people are.

How is it different?

This library takes a minimalist approach.

It talks directly to Google Identity Platform API (the real auth system - firebase auth is just a veneer on top).

Even though it's only about 2.5Kb all together, it's still modular and tree-shakeable. So you can eek out every saving possible and create the absolute smallest code you need for each page. i.e. Don't bundle all the auth code just to show the user's current auth status, only include the sign-in code on the sign-in page, and the sign-in-redirect handling in the redirect page and so on. The pieces end up so tiny they can be inlined into those pages for even better performance.

Features

Just because it's tiny doesn't mean it can't do everything required. It provides:

• ✅ Auth token change notifications (when an auth token is refreshed)
• ✅ Auth status change notifications (when a user signs in or out)
• ✅ Auth refresh token handling
• ✅ User profile updates
• ✅ Account Registration (email and password)
• ✅ Sign in via Email and Password
• ✅ Sign in via Email only (passwordless, using email link)
• ✅ Sign in via Provider (Google, Facebook etc...)
• ✅ Sign in via Custom Auth Token (for other auth integrations)
• ✅ Sign out (because a "Hotel California" auth system won't cut it)
• ✅ Email address verification (send email to verify address ownership)
• ✅ Account recovery (request password reset email)
• ✅ Auth state persistence disabled
• ✅ Auth state persistence using LocalStorage
• ✅ Auth state persistence using SessionStorage
• ✅ Auth state persistence using IndexedDB
• ✅ Auth state syncronization between tabs (depending on persistence)
• ✅ Authorizing fetch requests by adding http headers
• ✅ Full Typescript support
• ❌ No support (yet) for the Firebase auth emulator
• ❌ No support for v2 features which cost $extra (2FA etc...)

Configuring Google Identity Platform

Todo