Usage in Google Cloud Run environment

Before running next-firebase-auth-edge in Google Cloud Environment, make sure to:

Enable IAM Service Account Credentials API (opens in a new tab)
Assign iam.serviceAccounts.signBlob permission to IAM role attached to default compute service account (opens in a new tab)

You can now omit serviceAccount option in authMiddleware, getTokens and other functions. When serviceAccount is undefined, next-firebase-auth-edge will extract credentials from authenticated Google Cloud Run (opens in a new tab) environment.

Please note that you still have to supply firebase apiKey.

Example authMiddleware usage:

middleware.ts

import { NextRequest, NextResponse } from "next/server";
import { authMiddleware } from "next-firebase-auth-edge";
 
export async function middleware(request: NextRequest) {
  return authMiddleware(request, {
    loginPath: "/api/login",
    logoutPath: "/api/logout",
    apiKey: "XXxxXxXXXxXxxxxx_XxxxXxxxxxXxxxXXXxxXxX",
    cookieName: "AuthToken",
    cookieSignatureKeys: ["secret1", "secret2"],
    cookieSerializeOptions: {
      path: "/",
      httpOnly: true,
      secure: false,
      sameSite: "lax" as const,
      maxAge: 12 * 60 * 60 * 24,
    },
  });
}

Example getTokens usage:

import { getTokens } from "next-firebase-auth-edge";
 
const tokens = await getTokens(context.req.cookies, {
    apiKey: 'XXxxXxXXXxXxxxxx_XxxxXxxxxxXxxxXXXxxXxX',
    cookieName: 'AuthToken',
    cookieSignatureKeys: ['secret1', 'secret2'],
});

Advanced usage Usage in Firebase Hosting