Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Firebase Authentication Bundle
Readme

Firebase Authentication Bundle Laravel Package

danieleambrosino/firebase-authentication-bundle

View on GitHub
Deep Wiki
Context7

FirebaseAuthenticationBundle

A lightweight, self-contained, zero-dependency, spec-compliant Symfony bundle providing authentication with Firebase JWT out of the box. Works either with short-lived ID tokens and session cookies.

Installation

Install this bundle with Composer:

composer require danieleambrosino/firebase-authentication-bundle

Configuration

Set your Firebase project's ID in an environment variable named FIREBASE_PROJECT_ID:

# .env
FIREBASE_PROJECT_ID=projectid-1a2b3

Add the firebase authenticator to any of your app's firewall:

# config/packages/security.yaml
security:
    firewalls:
        main:
            stateless: true
            firebase: ~

For each firewall you can choose the authentication strategy (default is bearer, see the configuration reference):

  • with the bearer strategy, your requests must be authenticated sending a short-lived ID token (generated by the Auth package of the Firebase client SDK you're using) into an Authorization: Bearer HTTP header (accordingly to the OAuth 2.0 specification);
  • with the cookie strategy, your requests must be authenticated sending a session cookie token, named accordingly to the cookie_name parameter (default is sessionToken).

That's it! The authenticated user will be identified using the claim in the JWT payload specified by the user_identifier parameter (default is sub).

You can require that the email is verified by setting on a per-firewall basis the verify_email boolean parameter. Optionally, you can add a leeway package-level parameter (as a positive integer number of seconds) to account for clock skew with Google's servers.

This bundle also provides a very basic user provider named firebase for basic purposes (e.g. securing the registration route).

Configuration reference

Package-level configuration

# config/packages/firebase_authentication.yaml
firebase_authentication:
    project_id: '%env(string:FIREBASE_PROJECT_ID)%'

    # The leeway to account for clock skew with Google servers
    leeway: 0

    # Used only by the authenticators with "cookie" strategy
    cookie_name: sessionToken

    # The field in the payload used to identify the user
    user_identifier: sub

Firewall-level configuration

# config/packages/security.yaml
security:
    providers:
        # Give the provider any name you want
        # You just have to set the "firebase" field
        jwt: { firebase: ~ }
    firewalls:
        main:
            stateless: true
            firebase:
                strategy: bearer # One of "bearer"; "cookie"
                verify_email: false
            
            # If you want to enable the provider
            jwt: ~
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
elnasnato/laraliveui
labrodev/rest-sdk
sampaui/sampaui
babelqueue/php-sdk
facebook/capi-param-builder-php
babelqueue/symfony
hamzi/corewatch
minionfactory/raw-hydrator
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium