Connect Session Firebase
connect-session-firebase
is a Connect/Express compatible session store backed by the Firebase SDK.
Installation
firebase-admin
must be added as a peer dependency, or you're gonna have a bad time. connect-session-firebase
expects a only matching major
version of Firebase, i.e. any connect-session-firebase@11.x.x
version will expect any firebase-admin@11.x.x
version peer dependency.
$ npm install firebase-admin connect-session-firebase --save
Options
-
database
A pre-initialized Firebase Database app instance. -
sessions
(optional) A child reference string for session storage. (defaults to "sessions") -
reapInterval
(optional) How often expired sessions should be cleaned up. (defaults to21600000
, 6 hours in milliseconds) -
reapCallback
(optional) A callback function to execute whenever a session clean up occurs. -
errorIfSessionNotFound
(optional) Return an error object to the callback if a session doesn't exist. Only useful if you want to log when a session is no longer available. (defaults tofalse
)
Usage
Initialize firebase-admin
database and pass the instance to FirebaseStore
. Connecting to the database requires a credential cert via a JSON file from the Firebase IAM & Admin Console.
const connect = require('connect')
const FirebaseStore = require('connect-session-firebase')(connect)
const firebase = require('firebase-admin')
const ref = firebase.initializeApp({
credential: firebase.credential.cert('path/to/serviceAccountCredentials.json'),
databaseURL: 'https://databaseName.firebaseio.com',
})
connect()
.use(connect.cookieParser())
.use(
connect.session({
store: new FirebaseStore({
database: ref.database(),
}),
secret: 'keyboard cat',
}),
)
-
NOTE: In Express 4
express-session
must be passed to the functionconnect-session-firebase
exports in order to extendexpress-session.Store
:
const express = require('express');
const session = require('express-session');
const FirebaseStore = require('connect-session-firebase')(session);
const firebase = require('firebase-admin');
const ref = firebase.initializeApp({
credential: firebase.credential.cert('path/to/serviceAccountCredentials.json'),
databaseURL: 'https://databaseName.firebaseio.com'
});
express()
.use(session({
store: new FirebaseStore({
database: ref.database()
}),
secret: 'keyboard cat'
resave: true,
saveUninitialized: true
}));
Security
If you use a publicly available Firebase Database, please set proper rules:
{
"rules": {
".read": "false",
".write": "false",
"sessions": {
".read": "false",
".write": "false"
},
"some_public_data": {
".read": "true",
".write": "auth !== null"
}
}
}
Learn more about Firebase rules: https://firebase.google.com/docs/database/security/
Tests
To run tests against connect-session-firebase
you will need your own Firebase Database app available.
Checkout the repo locally and create two files in the project root:
- .env
- serviceAccountCredentials.json
With the content:
.env
FIREBASE_SERVICE_ACCOUNT=./serviceAccountCredentials.json
FIREBASE_DATABASE_URL=https://[databaseName].firebaseio.com
serviceAccountCredentials.json
{
"type": "service_account",
"project_id": "",
"private_key_id": "",
"private_key": "",
"client_email": "",
"client_id": "",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": ""
}
Install the dev dependencies:
$ npm install
Run the tests:
$ npm test
License
connect-session-firebase
is licensed under the MIT license.