Usage in Google Cloud Run environment
Before running next-firebase-auth-edge
in Google Cloud Environment, make sure to:
- Enable IAM Service Account Credentials API (opens in a new tab)
- Assign
iam.serviceAccounts.signBlob
permission to IAM role attached to default compute service account (opens in a new tab)
You can now omit serviceAccount
option in authMiddleware
, getTokens
and other functions. When serviceAccount
is undefined
, next-firebase-auth-edge
will extract credentials from authenticated Google Cloud Run (opens in a new tab) environment.
Please note that you still have to supply firebase apiKey
.
Example authMiddleware usage:
middleware.ts
import { NextRequest, NextResponse } from "next/server";
import { authMiddleware } from "next-firebase-auth-edge";
export async function middleware(request: NextRequest) {
return authMiddleware(request, {
loginPath: "/api/login",
logoutPath: "/api/logout",
apiKey: "XXxxXxXXXxXxxxxx_XxxxXxxxxxXxxxXXXxxXxX",
cookieName: "AuthToken",
cookieSignatureKeys: ["secret1", "secret2"],
cookieSerializeOptions: {
path: "/",
httpOnly: true,
secure: false,
sameSite: "lax" as const,
maxAge: 12 * 60 * 60 * 24,
},
});
}
Example getTokens usage:
import { getTokens } from "next-firebase-auth-edge";
const tokens = await getTokens(context.req.cookies, {
apiKey: 'XXxxXxXXXxXxxxxx_XxxxXxxxxxXxxxXXXxxXxX',
cookieName: 'AuthToken',
cookieSignatureKeys: ['secret1', 'secret2'],
});