Usage in Firebase Hosting environment
Firebase Hosting environment by default strips all cookies other than __session
(See https://stackoverflow.com/questions/44929653/firebase-cloud-function-wont-store-cookie-named-other-than-session (opens in a new tab))
To enable next-firebase-auth-edge
in Firebase Hosting, you need to provide custom cookieName
with the value of __session
, as in below examples:
middleware.ts
import { NextRequest, NextResponse } from "next/server";
import { authMiddleware } from "next-firebase-auth-edge";
export async function middleware(request: NextRequest) {
return authMiddleware(request, {
cookieName: "__session", // This needs to be "__session" to work inside Firebase Hosting
loginPath: "/api/login",
logoutPath: "/api/logout",
apiKey: "XXxxXxXXXxXxxxxx_XxxxXxxxxxXxxxXXXxxXxX",
cookieSignatureKeys: ["secret1", "secret2"],
cookieSerializeOptions: {
path: "/",
httpOnly: true,
secure: false,
sameSite: "lax" as const,
maxAge: 12 * 60 * 60 * 24,
},
serviceAccount: {
projectId: "your-firebase-project-id",
clientEmail: "firebase-adminsdk-nnw48@your-firebase-project-id.iam.gserviceaccount.com",
privateKey: "-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n",
},
});
}
export const config = {
matcher: ["/api/login", "/api/logout", "/", "/((?!_next|favicon.ico|api|.*\\.).*)"],
};
Example getTokens usage:
import { getTokens } from "next-firebase-auth-edge";
const tokens = await getTokens(context.req.cookies, {
apiKey: 'XXxxXxXXXxXxxxxx_XxxxXxxxxxXxxxXXXxxXxX',
cookieName: '__session',
cookieSignatureKeys: ['secret1', 'secret2'],
});