Easily build APIs on top of Firebase
APIBase is an absurdly easy way to expose an API in NodeJS and communicate with it all through Firebase. APIBase takes care of the technical details like queueing and leaves you with a simple API to build your API on.
To begin, you must enable Anonymous Login on your Firebase. Then install the security rules which are specified in
server.js file which will be run in Node.
var apibase = require'apibase'"<Your Firebase>/apibase";// If you're using the recommended APIBase security rules// Your server must authenticate with your Firebase Secret.apibaseauthSECRET;// Any methods you put on apibase will be exposed publically via your APIreturn 'Hello ' + name;;// API methods are passed a `done` method which can be used in place of "return"setTimeoutdone"Coming from a promise!";time;;apibasepublish;
client.js file which can be included on your webpage (or ran in Node as well).
var apibase = "<Your Firebase>/apibase";apibaseretrievethenAPIhello"Abe"thenalertresult;alerterr;;APIrest1000thenalertresult;;;
node server.js and open your
client.js file in a browser and you're done!
APIBase supports use of a context which is passed to your API methods when they are invoked server-side as
this.ctx. A context is an object which can contain arbitrary data which is required for most method calls (like a session token).
A client specifies a new context with
apibasecontextname: "Abe";apibaseget"greet"thenconsole.loggreeting; // Logs "Hello Abe";
Using context on the server simply requires reading a field from
return "Hello " + thisctxname;;// Calling publish allows clients to connect to your APIapibasepublish;
The context will be sent will every method call until a different context is specified.
Although it is generally easier to use
retrieve() to fetch an object with all known API methods, you can alternatively user blind calls to API methods. Blind calls run the risk of silently failing if the server is not aware of the method being accessed. However, they can be slightly faster if your API consists of hundreds or thousands of methods which would be slow to sync to the client.
var hello = apibaseget'hello';hello"Blind Fish"thenconsole.logresult;;
APIBase requires all requests to be made by an authenticated user with a unique
uid field in their token data. There are several options availible which allow you to integrate APIBase's authentication with any existing Firebase app.
APIBase makes use of Firebase's powerful Anonymous Login to ensure that requests are secure even when a user is not logged in. By default, every request made from the APIBase client will be authenticated and secured via this method, unless another authentication system is required by your app.
An APIBase instance provides an
auth method which takes a valid Firebase Auth token. When
auth is called, APIBase will unauth any existing authentication on the Firebase (from, for example, Simple Login) then authenticate with the new token. This method is great if you're using a custom authentication system where your clients retrieve the tokens and would normally just call
If you're user is already logged in via Simple Login or another method, it can be difficult to retrieve the current authenication token which would be needed by
APIBase.auth. Alternatively, you can call
setUserData with a
user object. APIBase will assume that the
uid field on the
user object will be the same as the UID which your Firebase is currently authenticated with.
Here is an example integration of APIBase with Firebase Simple Login.
var URL = 'https://<YOUR-FIREBASE>.firebaseio.com';var ref = URL;var apibase = refchild'api';var auth = refif error// an error occurred while attempting loginconsole.logerror;else if user// user authenticated with Firebaseconsole.log'User ID: ' + useruid + ', Provider: ' + userprovider;// Tell APIBase that our user data has changedapibasesetUserDatauser;else// user is logged out;
APIBase should significantly out perform HTTP in most situations, but it especially shines when you are making several requests from the same client (for example, in a Single Page App).
Included is a hacked up comparison between Express and APIBase which both implement a
hello_world method which simply returns "Hello World" to the client. As I suspected, APIBase dramatically out performs HTTP in this test. This test makes 10000 requests to the
hello_world endpoint and my experiences show APIBase being over 3x faster than HTTP.
Express (for 10000 requests)
APIBase (for 10000 requests)
This test is by no means conclusive, but it does show that APIBase can easily out perform a simple Express endpoint.
Development of this library is sponsored by Rigidflame Consulting.