
Firebase Authentication Setup

This guide explains how to configure Firebase Authentication and integrate it with the backend.


Step 1 – Create a Firebase Project

  1. Go to https://console.firebase.google.com
  2. Click on "Add project"
  3. Enter a project name (e.g. hudi-backend)
  4. Disable Google Analytics (optional)
  5. Click "Create"

Step 2 – Enable Email/Password Sign-in

  1. In your Firebase project console, go to Authentication > Sign-in method
  2. Enable the Email/Password provider
  3. Save changes

Step 3 – Get Project ID and Public Keys

  1. Go to Project Settings > General
  2. Copy the Project ID (you’ll need it in .env)
  3. Visit the following URL to access Firebase's public keys (used to verify tokens):
https://www.googleapis.com/robot/v1/metadata/x509/securetoken@system.gserviceaccount.com

These are already handled in firebase_public_keys.dart.


Step 4 – Set Up Environment Variables

In your .env or .env.local file, add:

FIREBASE_PROJECT_ID=your_project_id

How It Works

The backend authenticates requests with Firebase ID tokens sent in the Authorization: Bearer <token> header.

The checkAuth() middleware:

  • Verifies the token signature
  • Decodes the user ID (uid)
  • Loads the corresponding user from MongoDB
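
The header and claim checks that go with the signature check, as an added Dart example that is not the project's checkAuth() code: it ties the token to FIREBASE_PROJECT_ID through aud and iss, which matters because the public keys from Step 3 are not specific to one project. The function names, the key id key-1, the project ids and the token are constructed for illustration; signature verification is assumed to happen separately against the certificate selected by kid.

```dart
import 'dart:convert';

/// Decodes one unpadded base64url JWT segment into a JSON object.
Map<String, dynamic> decodeSegment(String segment) {
  final obj = jsonDecode(utf8.decode(base64Url.decode(base64Url.normalize(segment))));
  if (obj is! Map<String, dynamic>) throw FormatException('segment is not a JSON object');
  return obj;
}

/// Returns the uid when header and claims pass; throws FormatException otherwise.
/// The signature is NOT verified here and must be checked before trusting the uid.
String checkClaims(String token, String projectId, Set<String> knownKeyIds, {DateTime? now}) {
  final parts = token.split('.');
  if (parts.length != 3) throw FormatException('not a three-part JWT');
  final header = decodeSegment(parts[0]);
  final claims = decodeSegment(parts[1]);
  final nowSec = (now ?? DateTime.now()).millisecondsSinceEpoch ~/ 1000;
  if (header['alg'] != 'RS256') throw FormatException('unexpected alg');
  if (!knownKeyIds.contains(header['kid'])) throw FormatException('unknown kid');
  if (claims['aud'] != projectId) throw FormatException('wrong audience');
  if (claims['iss'] != 'https://securetoken.google.com/$projectId') throw FormatException('wrong issuer');
  final exp = claims['exp'], iat = claims['iat'], sub = claims['sub'];
  if (exp is! int || exp <= nowSec) throw FormatException('expired');
  if (iat is! int || iat > nowSec) throw FormatException('issued in the future');
  if (sub is! String || sub.isEmpty) throw FormatException('missing sub');
  return sub;
}

String encodeSegment(Map<String, dynamic> m) =>
    base64Url.encode(utf8.encode(jsonEncode(m))).replaceAll('=', '');

void main() {
  const projectId = 'demo-project'; // constructed stand-in for FIREBASE_PROJECT_ID
  final now = DateTime.utc(2025, 4, 1);
  final t = now.millisecondsSinceEpoch ~/ 1000;
  // Constructed token; the third segment is a placeholder, not a real signature.
  String token(String aud) => [
        encodeSegment({'alg': 'RS256', 'kid': 'key-1'}),
        encodeSegment({'aud': aud, 'iss': 'https://securetoken.google.com/$aud',
          'sub': 'uid-123', 'iat': t - 60, 'exp': t + 3600}),
        'c2ln',
      ].join('.');
  print(checkClaims(token(projectId), projectId, {'key-1'}, now: now));
  try {
    checkClaims(token('other-project'), projectId, {'key-1'}, now: now);
  } on FormatException catch (e) {
    print('rejected: ${e.message}');
  }
}
```

The second call in main() passes a token minted for a different project id with a known kid, and it is rejected on the aud check.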

Token Validation Route

You can test token verification using the following route:

GET /validateToken

Pass a valid Firebase token in the Authorization header to check if authentication works properly.


Last updated: 2025-04-01