Skip to content

FritzFlorian/fire_auth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

13 Commits
config
config
 
 
lib
lib
 
 
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE.txt
LICENSE.txt
 
 
README.md
README.md
 
 
mix.exs
mix.exs
 
 
mix.lock
mix.lock
 
 

Repository files navigation

FireAuth

Server side verification of firebase authentication using ID tokens.

In short this library will allow you to use firebase auth as an authentication method for your backend. The client app/webapp can generate an token that is then sent with each request to your backend to identifiy users.

Client Side

On the client side you will have to generate an ID token. See the firebase doc for detailed instructions.

After you got the token simply include it as a header in each request:

Authorization : Bearer <put-your-token-here>

Server Side

Add the library to your mix file.

{:fire_auth, "~> 0.1.0"}

Add your firebase project id to your config.

config :fire_auth,
  project_id: "project-id"

Add the following plug to validate the id token.

plug FireAuth

This will validate the id token in the request header and put information about it into conn.assigns.fire_auth.info.

To use the library for full authentication (load a user form the DB) use this plug.

plug FireAuth, [load_user: &load_user/1, load_groups: &load_groups/2]

Where &load_user/1 and &load_groups/2 are used to load the user model from your database and to extract the users groups out of the loaded user model.

For example this would be typical implementations.

def load_user(%{id: firebase_id} = _info) do
	# Ideally do an insert or update here
	Repo.get_by(User, firebase_id: firebase_id)
end

def load_groups(user, _info) do
	user.groups
end

With this set you can secure individual routes using the FireAuth.Secure plug.

# can only be accesed if the request contains an valid token
plug FireAuth.Secure

# only secure the :index action (in a phoenix project) 
plug FireAuth.Secure when action in [:index]

# can only be accessed by users with the required_group
plug FireAuth.Secure, group: "required_group"

It is a very simple system, but works very well for most smaller projects and is especially nice nice to get started fast.

Testing Secure Routes

To test secured routes you can set the :fire_auth_user assign in your connection before it enters the router. This will ignore the header and use this user instead.

For example you can add an setup like the following.

setup %{conn: conn} = config do
  if config[:login] do
    groups = config[:groups] || []
    user = Factory.insert(:user, groups: groups)
    conn = Plug.Conn.assign(conn, :fire_auth_user, user)
    {:ok, conn: conn, user: user}
  else
    {:ok, conn: conn}
  end
end

Then use it in your tests like this.

@tag :login
test "some test", %{conn: conn, user: user} do
  # The conn is authenticated with the user
end

About

Firebase Authentication for Plug

Resources

Readme

License

Apache-2.0 license
Activity

Stars

2 stars

Watchers

1 watching

Forks

4 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages