friendlyeats-web icon indicating copy to clipboard operation
friendlyeats-web copied to clipboard

Published 20 hours ago verified publisher icon firebase

[NextJS] Use web frameworks' built-in auth cookie instead of custom implementation

Open jhuleatt opened this issue 2 years ago • 7 comments

The Firebase CLI's web frameworks tooling sets an auth cookie: https://github.com/FirebaseExtended/firebase-framework-tools/blob/087035d86c65c5810ab71f889e4d6160398368aa/src/firebase-aware.ts#L32

This means we probably don't need the current custom implementation: https://github.com/firebase/friendlyeats-web/blob/c43de974fbf44151217fe3238d610edee7b86b28/nextjs-end/src/app/api/route.js#L9

jhuleatt avatar Aug 10 '23 16:08 jhuleatt

@jhuleatt

Does this imply that the example is primarily designed for use with Firebase Hosting?

If someone chooses to host their project on Vercel instead, will they need to implement additional custom logic in order to set the session on the server side?

ismaelaarab avatar Oct 07 '23 12:10 ismaelaarab

Same question? ☝🏼

matallui avatar Oct 12 '23 18:10 matallui

We really need clarification on this. Are the example and tutorial designed only for use with Firebase Hosting?

leonam-okajima avatar Oct 31 '23 06:10 leonam-okajima

after a lot of digging I am fairly sure the __session cookie expected in the tutorial is a firebase only thing, not from the auth package but from the frameworks.

EmanuelU avatar Nov 05 '23 01:11 EmanuelU

Yup, thanks for asking this, I was close to giving up already, and just verified that indeed, it only works if you use firebase, either from emulators or not.

josancamon19 avatar Nov 28 '23 05:11 josancamon19

Was anyone able to get the __session cookie after this project is deployed to Firebase hosting? It was working fine with my hosting emulator, but it stopped working after I deployed it. I checked the cookies tab, no cookie is set at all.

WillZhao2021 avatar Nov 30 '23 20:11 WillZhao2021

This issue should be marked as solved, because the file in question no longer exists and indeed it seems that they implemented the auth token parsing using the __session cookie: https://github.com/firebase/friendlyeats-web/blob/02be588cf1ca3db5e8d7296b6aae19681f2533cf/nextjs-end/src/lib/firebase/firebase.js#L27

However, as a couple of the more recent comments indicate, the __session cookie doesn't actually appear to be set when trying to make this work in my own project, even when using Firebase Hosting. I'm not sure if this is something that changed with Firebase Auth or some other issue.

I did notice that something that looks like an auth token appears to be stored in Indexed DB, so maybe that's where it is now. I'm not sure how you make use of that though.

Edit: After doing a bit more digging, I believe the code in the repo is incomplete. It looks like the intention is for the client side part of the code to set the __session cookie itself and that it is not something that gets set automatically by Firebase Auth (and never was, as far as I can tell).

Herohtar avatar Feb 27 '24 06:02 Herohtar