Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

hapi-firebase-scope-auth

Package Overview
Dependencies
Maintainers
1
Versions
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

hapi-firebase-scope-auth

Firebase authentication support with scope validation for HapiJS

  • 1.0.1
  • latest
  • Source
  • npm
  • Socket score

Version published
Weekly downloads
2
increased by100%
Maintainers
1
Weekly downloads
 
Created
Source

hapi-firebase-scope-auth

Intro & Features

  • Firebase Authentication plugin for HapiJS.
  • This is used for validating Firebase authentication for HapiJs routes.
  • Has support for Role based Access Control (RBAC) with firebase for API routes

Installation

npm install hapi-firebase-scope-auth

Usage

 
// Plugin registration
await server.register(require('hapi-firebase-auth'))

// Initialize Firebase Admin SDK

const { initializeApp } = require('firebase-admin/app')
const { getAuth } = require('firebase-admin/auth')

const fireApp = initializeApp()
const firebaseAdminAuthInstance = getAuth(fireApp)
 
// Create strategy
server.auth.strategy('myFirebase', 'firebase-scope', {
  firebaseAdminAuth: firebaseAdminAuthInstance,
  scopeField: 'role'
})

RBAC Usage

  • This plugin uses Firebase Admin SDK's verifyIdToken method to validate token.
  • Once the token is validated then verifyIdToken returns JWT decoded values which include user details and custom claims.
  • Set scopeField value in strategy as shown in above configuration. scopeField is any key / field from decoded JWT.
  • Based on scope configuration in route, it will be validated against scopeField

// Following route will be authenticated if role value of user is either admin or author
server.routes([{
  method: 'GET',
  path: '/health',
  options: {
    auth: {
      strategy: 'myFirebase',
      scope: ['admin', 'author']
    },
    tags: ['api', 'health'],
    handler: LoginHandler,
    plugins: {},
    security: true
  }
}])

License

MIT

Credits

  • Credits to Author of hapi-firebase-auth plugin for providing a base to create this plugin.

Authors

Keywords

FAQs

Package last updated on 23 Feb 2022

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc