Hi guys has anyone found a way to build an authentication fe

Question

Hi guys has anyone found a way to build an authentication feature that wraps around firebase on ktor

Jorge R · Answer

You mean Google Auth with `GoogleIdTokenVerifier` I ve implemented in my app Sign In with Google if that is what you are asking about

Arkangel · Answer

I did something like this

Arkangel · Answer

```class AuthenticationControllerImpl AuthenticationController override suspend fun authenticate token String TaskResult lt Boolean gt if isInTestMode return TaskResult Success true return try var authorizationHeader = token replace Bearer replace var jwt = JWT decode authorizationHeader FirebaseAuth getInstance verifyIdToken jwt token TaskResult Success true catch exception Exception return TaskResult Error AuthenticationException Not Authorized interface AuthenticationController suspend fun authenticate token String TaskResult lt Boolean gt ```

Arkangel · Answer

but that means for every request i want to have verified

Arkangel · Answer

i need 2 call into this

Arkangel · Answer

it works ok

Arkangel · Answer

but i m concerned the architecture goes against what devs of ktor have suggested which is auth pipeline

Jorge R · Answer

Ok so do you want an authenticator that will always ask FirebaseAuth to verify the received token or you have your own JWT auth but you want to use Firebase tokens at certain point push notif

Jorge R · Answer

Normally the flow is 1 User request sign in with Google in device 2 Device will prompt to login 3 If login is successful you get a Firebase token in the app 4 You forward that token to your server and you store it encrypted 5 Your API users will identify themselves in your API using your own JWT token so once you need to do something with Firebase you recover amp decrypt token attached to that specific user 6 The app you are using should listen for Firebase token updates If that happens you need to report the new one to your server Is this something that matches your needs

Arkangel · Answer

only thing is since firebase is the producer of this token how do u know when it s expired revoke etc And depending on the architecture you have on an android app for instance u might get new token from firebase and wondered if it s a headache seemed simpler to generate token on device with firebase and firebase validate token on server

Laurence · Answer

Hi < Arkangel> this is the implementation I have used for Firebase Bearer token There are places it can be improved but it is a good basic starting point slightly smiling face

Arkangel · Answer

Thanks checking it out

Jorge R · Answer

Definitely what you were looking for Nice post < Laurence>

Jorge R · Answer

< Arkangel> the one responsible of renewing token should be device If you renew from server I guess it will trigger `onNewToken ` method in your device so you will need to sync it with your device local storage anyway But the entrypoint will be at device level it is the one that will trigger the calls With what Laurence posted here you can just delegate to device everything related with token and all the authenticated calls in your API should contain a firebase token that will be validated by Firebase authenticator