NestJS Passport Strategy for Firebase Auth using Firebase Admin SDK
Installation
Install peer dependencies
npm install passport passport-jwt
npm install --save-dev @types/passport-jwt
@nestjs/passport
for authentication
Install npm install @nestjs/passport
Install strategy
npm install @tfarras/nestjs-firebase-auth
Important
To work with Firebase Auth you need to configure and initialize your firebase app. For this purpose you can use my module for firebase-admin.
Create strategy
import { Injectable } from "@nestjs/common";
import { PassportStrategy } from "@nestjs/passport";
import { ExtractJwt } from 'passport-jwt';
import { FirebaseAuthStrategy } from '@tfarras/nestjs-firebase-auth';
@Injectable()
export class FirebaseStrategy extends PassportStrategy(FirebaseAuthStrategy, 'firebase') {
public constructor() {
super({
extractor: ExtractJwt.fromAuthHeaderAsBearerToken(),
});
}
}
Note: You should provide an extractor. More information about passport-jwt extractors you can find here: http://www.passportjs.org/packages/passport-jwt/#included-extractors
AuthModule
and provide created strategy
Create import { Module } from "@nestjs/common";
import { PassportModule } from "@nestjs/passport";
import { FirebaseStrategy } from "./firebase.strategy";
@Module({
imports: [PassportModule],
providers: [FirebaseStrategy],
exports: [FirebaseStrategy],
controllers: [],
})
export class AuthModule { }
AuthModule
into AppModule
Import import { FirebaseAdminCoreModule } from '@tfarras/nestjs-firebase-admin';
import { Module } from '@nestjs/common';
import { ConfigModule, ConfigService } from 'nestjs-config';
import { AppController } from './app.controller';
import { AppService } from './app.service';
import { AuthModule } from './auth/auth.module';
import * as path from 'path';
@Module({
imports: [
ConfigModule.load(path.resolve(__dirname, 'config', '**', '!(*.d).{ts,js}')),
FirebaseAdminCoreModule.forRootAsync({
useFactory: (config: ConfigService) => config.get('firebase'),
inject: [ConfigService],
}),
AuthModule,
],
controllers: [AppController],
providers: [AppService],
})
export class AppModule { }
Protect your routes
import { Controller, Get, Inject, UseGuards } from '@nestjs/common';
import { AuthGuard } from '@nestjs/passport';
import { FirebaseAdminSDK, FIREBASE_ADMIN_INJECT } from '@tfarras/nestjs-firebase-admin';
import { AppService } from './app.service';
@Controller()
export class AppController {
constructor(
private readonly appService: AppService,
@Inject(FIREBASE_ADMIN_INJECT) private readonly fireSDK: FirebaseAdminSDK,
) { }
@Get()
@UseGuards(AuthGuard('firebase'))
getHello() {
return this.fireSDK.auth().listUsers();
}
}
Custom second validation
In cases when you want to validate also if user exists in your database, or anything else after successfull Firebase validation you can define custom validate
method in your strategy.
Example
import { Injectable } from "@nestjs/common";
import { PassportStrategy } from "@nestjs/passport";
import { FirebaseAuthStrategy, FirebaseUser } from '@tfarras/nestjs-firebase-auth';
import { ExtractJwt } from 'passport-jwt';
@Injectable()
export class FirebaseStrategy extends PassportStrategy(FirebaseAuthStrategy, 'firebase') {
public constructor() {
super({
extractor: ExtractJwt.fromAuthHeaderAsBearerToken(),
});
}
async validate(payload: FirebaseUser): Promise<FirebaseUser> {
// Do here whatever you want and return your user
return payload;
}
}