Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[NextJS] Use web frameworks' built-in auth cookie instead of custom implementation #243

Open
jhuleatt opened this issue Aug 10, 2023 · 7 comments

Comments

@jhuleatt
Copy link
Contributor

The Firebase CLI's web frameworks tooling sets an auth cookie: https://github.com/FirebaseExtended/firebase-framework-tools/blob/087035d86c65c5810ab71f889e4d6160398368aa/src/firebase-aware.ts#L32

This means we probably don't need the current custom implementation:

export async function POST(request) {

@ismaelaarab
Copy link

@jhuleatt

Does this imply that the example is primarily designed for use with Firebase Hosting?

If someone chooses to host their project on Vercel instead, will they need to implement additional custom logic in order to set the session on the server side?

@matallui
Copy link

Same question? ☝🏼

@leonam-okajima
Copy link

We really need clarification on this. Are the example and tutorial designed only for use with Firebase Hosting?

@EmanuelU
Copy link

EmanuelU commented Nov 5, 2023

after a lot of digging I am fairly sure the __session cookie expected in the tutorial is a firebase only thing, not from the auth package but from the frameworks.

@josancamon19
Copy link

Yup, thanks for asking this, I was close to giving up already, and just verified that indeed, it only works if you use firebase, either from emulators or not.

@WillZhao2021
Copy link

Was anyone able to get the __session cookie after this project is deployed to Firebase hosting? It was working fine with my hosting emulator, but it stopped working after I deployed it. I checked the cookies tab, no cookie is set at all.

@Herohtar
Copy link

Herohtar commented Feb 27, 2024

This issue should be marked as solved, because the file in question no longer exists and indeed it seems that they implemented the auth token parsing using the __session cookie:

export async function getAuthenticatedAppForUser(session = null) {

However, as a couple of the more recent comments indicate, the __session cookie doesn't actually appear to be set when trying to make this work in my own project, even when using Firebase Hosting. I'm not sure if this is something that changed with Firebase Auth or some other issue.

I did notice that something that looks like an auth token appears to be stored in Indexed DB, so maybe that's where it is now. I'm not sure how you make use of that though.

Edit: After doing a bit more digging, I believe the code in the repo is incomplete. It looks like the intention is for the client side part of the code to set the __session cookie itself and that it is not something that gets set automatically by Firebase Auth (and never was, as far as I can tell).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

8 participants