graphql-engine/community/sample-apps/firebase-jwt
Samir Talwar d9afcc1857 Upgrade all package-lock.json files to the v2 format.
NPM v7 uses a new (backwards-compatible) lockfile format. This upgrades all our various _package-lock.json_ files to use the new format.

It's much more verbose so that NPM can be a lot faster.

I figured it was cleaner to do this once in a separate PR rather than upgrading them in combination with adding or upgrading a new dependency.

PR-URL: https://github.com/hasura/graphql-engine-mono/pull/5869
GitOrigin-RevId: 322fb63b96e2d873a4a3cc05fa6c7afa414716ce
2022-09-28 08:15:29 +00:00
..
app community(sample-apps): mod firebase-jwt html (#3044) 2019-10-26 09:51:55 +05:30
functions Upgrade all package-lock.json files to the v2 format. 2022-09-28 08:15:29 +00:00
.gitignore refactor community content and folder structure (#1353) 2019-01-17 15:57:28 +05:30
README.md readme: use cloud signup endpoint for "Deploy to Hasura" CTA 2021-08-19 07:03:05 +00:00

Firebase Auth + Hasura JWT

Barebones example showing how to integrate Firebase Auth with Hasura JWT mode.

Firebase Auth

Firebase has a few ways of implementing custom JWT claims in Firebase Auth:

  1. Have Firebase generate the JWTs, then customize them from your backend using the Firebase Admin SDK [docs]
  2. Use Firebase cloud functions, and listen to user creation events to add custom claims to the generated JWT [docs]
  3. Have your own backend server, which generates custom tokens [docs]
  4. Have your own backend scripts (not initiated by the client) to update user custom claims [docs]

Add custom claims in Firebase

In this example, we choose option 2 from above, but this can be done via any of the above methods. The Firebase docs cover each method in detail.

This example is adapted from this guide.

Pre-requisites

This example assumes that you already have Firebase Auth set up for your app.

Add the cloud function

Deploy the cloud function inside the functions/ folder:

firebase deploy --only functions

Customize the code with your own logic for assigning roles in the custom claims.

This cloud function uses the onCreate trigger, so it runs whenever a user is created.

Client-side code

The client-side code is in the app/ folder.

Configure Hasura to start in JWT mode

  • Deploy GraphQL Engine on Hasura Cloud and set up PostgreSQL via Heroku:

    Deploy to Hasura Cloud

After deploying, add the following environment variables to configure JWT mode:

HASURA_GRAPHQL_ADMIN_SECRET: youradminsecretkey
HASURA_GRAPHQL_JWT_SECRET: {"type":"RS256", "jwk_url": "https://www.googleapis.com/service_accounts/v1/jwk/securetoken@system.gserviceaccount.com", "audience": "<firebase-project-id>", "issuer": "https://securetoken.google.com/<firebase-project-id>"}

Sending JWT to Hasura

Now, whenever you make a request to Hasura GraphQL engine (as an authenticated user), send the id_token in the Authorization header:

Authorization: Bearer <firebase-id-token>
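
A pre-flight check for the setup above, as an added example that is not part of the original README or the sample app: it decodes a Firebase ID token's payload and reports where its claims would not match the audience and issuer in HASURA_GRAPHQL_JWT_SECRET or Hasura's claims format. The `https://hasura.io/jwt/claims` namespace and the `x-hasura-*` keys are Hasura's documented defaults; the function names, the `demo-project` id and the sample token are constructed for illustration, and the signature is deliberately not verified here.

```javascript
// Added example (not from the sample app). Checks claims only; the signature
// is NOT verified here. Hasura verifies it against the keys at jwk_url.
const HASURA_NS = "https://hasura.io/jwt/claims"; // Hasura's default claims namespace

const b64url = (obj) => Buffer.from(JSON.stringify(obj)).toString("base64")
  .replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");

// Constructed helper: builds an UNSIGNED sample token for offline testing.
function makeSampleToken(payload) {
  return [b64url({ alg: "RS256", typ: "JWT" }), b64url(payload), "constructed-sig"].join(".");
}

function decodePayload(token) {
  const parts = String(token).split(".");
  if (parts.length !== 3) throw new Error("expected three dot-separated segments");
  const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
  return JSON.parse(Buffer.from(b64, "base64").toString("utf8"));
}

// Returns a list of problems; an empty list means the claims fit the config.
function checkClaims(token, projectId, nowSec = Math.floor(Date.now() / 1000)) {
  const p = decodePayload(token);
  const problems = [];
  // All Firebase projects are signed by the same Google keys, so audience and
  // issuer are what bind a token to *your* project.
  if (p.aud !== projectId) problems.push("audience mismatch");
  if (p.iss !== `https://securetoken.google.com/${projectId}`) problems.push("issuer mismatch");
  if (typeof p.exp !== "number" || p.exp <= nowSec) problems.push("expired");
  const h = p[HASURA_NS];
  if (h === null || typeof h !== "object") return problems.concat("no Hasura claims");
  const allowed = h["x-hasura-allowed-roles"];
  if (!Array.isArray(allowed) || allowed.length === 0) problems.push("allowed roles missing");
  else if (!allowed.includes(h["x-hasura-default-role"])) problems.push("default role not allowed");
  for (const [k, v] of Object.entries(h)) {
    if (k !== "x-hasura-allowed-roles" && typeof v !== "string") problems.push(`${k} is not a string`);
  }
  return problems;
}

// Constructed sample: a token as it looks after the onCreate function has run.
const sample = makeSampleToken({
  iss: "https://securetoken.google.com/demo-project", aud: "demo-project", exp: 2000000000,
  [HASURA_NS]: {
    "x-hasura-default-role": "user",
    "x-hasura-allowed-roles": ["user"],
    "x-hasura-user-id": "uid-123",
  },
});
console.log(checkClaims(sample, "demo-project", 1700000000)); // []
```

A "no Hasura claims" result on a freshly created user usually means the ID token was issued before the onCreate function set the custom claims; the client needs a refreshed token.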