passport-firebase-jwt
Advanced tools
Based on passport-jwt A Passport strategy for authenticating with a Firebase Auth.
This module lets you authenticate endpoints when using Firebase Auth.
npm install passport-firebase-jwt
NestJS TypeScript usage example:
import { PassportStrategy } from '@nestjs/passport';
import { Injectable, UnauthorizedException } from '@nestjs/common';
import { Strategy, ExtractJwt } from 'passport-firebase-jwt';
import { auth } from 'firebase-admin';
@Injectable()
export class FirebaseAuthStrategy extends PassportStrategy(Strategy) {
constructor() {
super({
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken()
});
}
validate(token) {
return auth()
.verifyIdToken(token, true)
.catch((err) => {
console.log(err);
throw new UnauthorizedException();
});
}
}
There are a number of ways the JWT may be included in a request. In order to remain as flexible as
possible the JWT is parsed from the request by a user-supplied callback passed in as the
jwtFromRequest parameter. This callback, from now on referred to as an extractor,
accepts a request object as an argument and returns the encoded JWT string or null.
A number of extractor factory functions are provided in passport-jwt.ExtractJwt. These factory functions return a new extractor configured with the given parameters.
fromHeader(header_name) creates a new extractor that looks for the JWT in the given http
headerfromBodyField(field_name) creates a new extractor that looks for the JWT in the given body
field. You must have a body parser configured in order to use this method.fromUrlQueryParameter(param_name) creates a new extractor that looks for the JWT in the given
URL query parameter.fromAuthHeaderWithScheme(auth_scheme) creates a new extractor that looks for the JWT in the
authorization header, expecting the scheme to match auth_scheme.fromAuthHeaderAsBearerToken() creates a new extractor that looks for the JWT in the authorization header
with the scheme 'bearer'fromExtractors([array of extractor functions]) creates a new extractor using an array of
extractors provided. Each extractor is attempted in order until one returns a token.FAQs
Passport authentication strategy for Firebase JWT token
The npm package passport-firebase-jwt receives a total of 22,903 weekly downloads. As such, passport-firebase-jwt popularity was classified as popular.
We found that passport-firebase-jwt demonstrated a not healthy version release cadence and project activity because the last version was released a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
PyPI confirms no security flaws were exploited in the Ultralytics supply chain attack and highlights improvements for safer package publishing.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.