Firebase authentication for Rails

FireTrain

A Ruby gem that supports authenticating a Rails backend with Firebase for both web and mobile applications. It includes authentication functionality for both an API access token and a session cookie.

Installation

Add this line to your application's Gemfile:

gem 'firetrain'

And then execute:

$ bundle

Or install it yourself as:

$ gem install firetrain

Setup

  1. Add a User model with email and firebase_id string attributes

  2. Add the following to your application.html.erb:

<head>
  <script src="https://www.gstatic.com/firebasejs/7.9.3/firebase-app.js"></script>
  <script src="https://www.gstatic.com/firebasejs/7.9.3/firebase-auth.js"></script>
  <script src="https://cdn.firebase.com/libs/firebaseui/3.5.2/firebaseui.js"></script>
  <link type="text/css" rel="stylesheet" href="https://www.gstatic.com/firebasejs/ui/4.4.0/firebase-ui-auth.css" />
  <%= javascript_include_tag 'firetrain/application' %>
</head>

  3. Add the Authenticatable module to your ApplicationController.rb:

class ApplicationController < ActionController::Base
  include FireTrain::Controllers::Authenticatable
  helper FireTrain::Controllers::Authenticatable
end

  4. Import the CSS in assets/stylesheets/application.css:

*= require authentication

  5. Add the following ENV vars to your .env. Your Firebase config variables can be found here

FIRETRAIN_API_KEY=
FIRETRAIN_AUTH_DOMAIN=
FIRETRAIN_DATABASE_URL=
FIRETRAIN_PROJECT_ID=
FIRETRAIN_STORAGE_BUCKET=
FIRETRAIN_MESSAGING_SENDER_ID=
FIRETRAIN_APP_ID=
FIRETRAIN_MEASUREMENT_ID=
FIRETRAIN_TOS_URL=
FIRETRAIN_PRIVACY_POLICY_URL=
FIRETRAIN_TURBOLINKS_ENABLED=

  6. Set up the following rake task to run every hour in production to refresh Firebase certificates via the included firebase_id_token gem:

rake firebase:certificates:request

Usage

Browser authentication

  • Users can sign in at /auth. This generates a session cookie that is used to authenticate subsequent requests.

  • Controllers can be restricted to authenticated users by adding before_action :authenticate_session_user

  • To display sign in and sign out links add the following to your navigation:

<%- if current_user %>
  <%= link_to 'Sign Out', sign_out_path, method: :delete %>
<%- else %>
  <%= link_to 'Sign In', api_auth_path %>
<%- end %>

API authentication

  • After signing a user in or up on mobile, call the /set_token_user endpoint with the Firebase access token passed as HTTP_FIREBASE_TOKEN in the request headers; this generates a user

  • Subsequent requests can be authenticated by passing the Firebase access token as HTTP_FIREBASE_TOKEN

  • Controllers can be restricted to authenticated users by adding before_action :authenticate_api_user
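
What checking the Firebase access token involves, and why the hourly certificate refresh in Setup matters, shown as an added example (not code from firetrain or the firebase_id_token gem). It follows the checks Firebase documents for ID tokens; verify_firebase_token, sample_token, the certs hash and the locally generated key standing in for Google's are assumptions made for illustration.

```ruby
require 'openssl'
require 'base64'
require 'json'

# Added illustration, not firetrain or firebase_id_token code.
# certs maps kid => RSA public key and stands in for the certificate cache
# that the hourly `rake firebase:certificates:request` task keeps fresh.
def verify_firebase_token(token, certs, project_id, now: Time.now.to_i)
  head_b64, body_b64, sig_b64 = token.to_s.split('.')
  return [nil, 'malformed token'] unless head_b64 && body_b64 && sig_b64

  header  = JSON.parse(Base64.urlsafe_decode64(head_b64))
  payload = JSON.parse(Base64.urlsafe_decode64(body_b64))
  # Pin the algorithm: the token must not be allowed to choose "none" or HS256.
  return [nil, 'unexpected alg'] unless header['alg'] == 'RS256'

  key = certs[header['kid']]
  # A stale cache fails here once the signing keys have been rotated.
  return [nil, 'unknown kid'] unless key

  signature = Base64.urlsafe_decode64(sig_b64)
  unless key.verify(OpenSSL::Digest.new('SHA256'), signature, "#{head_b64}.#{body_b64}")
    return [nil, 'bad signature']
  end

  return [nil, 'expired'] unless payload['exp'].to_i > now
  return [nil, 'issued in the future'] unless payload['iat'].to_i <= now
  return [nil, 'wrong audience'] unless payload['aud'] == project_id
  return [nil, 'wrong issuer'] unless payload['iss'] == "https://securetoken.google.com/#{project_id}"
  return [nil, 'empty subject'] if payload['sub'].to_s.empty?

  [payload, nil]
rescue JSON::ParserError, ArgumentError, TypeError, OpenSSL::PKey::PKeyError
  [nil, 'malformed token']
end

# Constructed sample input: signs claims with a key you generate locally.
def sample_token(key, kid, claims)
  enc = ->(obj) { Base64.urlsafe_encode64(JSON.generate(obj), padding: false) }
  signing_input = "#{enc.call({ 'alg' => 'RS256', 'kid' => kid })}.#{enc.call(claims)}"
  sig = key.sign(OpenSSL::Digest.new('SHA256'), signing_input)
  "#{signing_input}.#{Base64.urlsafe_encode64(sig, padding: false)}"
end
```

The function returns [payload, nil] on success and [nil, reason] otherwise, so a caller can log the reason while returning the same 401 for every failure.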

Tests

Run:

rake test

License

The gem is available as open source under the terms of the MIT License.