Connect Session Firebase
connect-session-firebase is a Connect/Express compatible session store backed by the Firebase SDK.
Installation
firebase-admin must be added as a peer dependency, or you're gonna have a bad time. connect-session-firebase expects a only matching major version of Firebase, i.e. any connect-session-firebase@11.x.x version will expect any firebase-admin@11.x.x version peer dependency.
$ npm install firebase-admin connect-session-firebase --save
Options
-
databaseA pre-initialized Firebase Database app instance. -
sessions(optional) A child reference string for session storage. (defaults to "sessions") -
reapInterval(optional) How often expired sessions should be cleaned up. (defaults to21600000, 6 hours in milliseconds) -
reapCallback(optional) A callback function to execute whenever a session clean up occurs. -
errorIfSessionNotFound(optional) Return an error object to the callback if a session doesn't exist. Only useful if you want to log when a session is no longer available. (defaults tofalse)
Usage
Initialize firebase-admin database and pass the instance to FirebaseStore. Connecting to the database requires a credential cert via a JSON file from the Firebase IAM & Admin Console.
const connect = require('connect')
const FirebaseStore = require('connect-session-firebase')(connect)
const firebase = require('firebase-admin')
const ref = firebase.initializeApp({
credential: firebase.credential.cert('path/to/serviceAccountCredentials.json'),
databaseURL: 'https://databaseName.firebaseio.com',
})
connect()
.use(connect.cookieParser())
.use(
connect.session({
store: new FirebaseStore({
database: ref.database(),
}),
secret: 'keyboard cat',
}),
)-
NOTE: In Express 4
express-sessionmust be passed to the functionconnect-session-firebaseexports in order to extendexpress-session.Store:
const express = require('express');
const session = require('express-session');
const FirebaseStore = require('connect-session-firebase')(session);
const firebase = require('firebase-admin');
const ref = firebase.initializeApp({
credential: firebase.credential.cert('path/to/serviceAccountCredentials.json'),
databaseURL: 'https://databaseName.firebaseio.com'
});
express()
.use(session({
store: new FirebaseStore({
database: ref.database()
}),
secret: 'keyboard cat'
resave: true,
saveUninitialized: true
}));Security
If you use a publicly available Firebase Database, please set proper rules:
{
"rules": {
".read": "false",
".write": "false",
"sessions": {
".read": "false",
".write": "false"
},
"some_public_data": {
".read": "true",
".write": "auth !== null"
}
}
}Learn more about Firebase rules: https://firebase.google.com/docs/database/security/
Tests
To run tests against connect-session-firebase you will need your own Firebase Database app available.
Checkout the repo locally and create two files in the project root:
- .env
- serviceAccountCredentials.json
With the content:
.env
FIREBASE_SERVICE_ACCOUNT=./serviceAccountCredentials.json
FIREBASE_DATABASE_URL=https://[databaseName].firebaseio.com
serviceAccountCredentials.json
{
"type": "service_account",
"project_id": "",
"private_key_id": "",
"private_key": "",
"client_email": "",
"client_id": "",
"auth_uri": "https://accounts.google.com/o/oauth2/auth",
"token_uri": "https://accounts.google.com/o/oauth2/token",
"auth_provider_x509_cert_url": "https://www.googleapis.com/oauth2/v1/certs",
"client_x509_cert_url": ""
}
Install the dev dependencies:
$ npm install
Run the tests:
$ npm test
License
connect-session-firebase is licensed under the MIT license.