Firebase set up rewrites to pass current user to Cloud Function

Question

I'm trying to use Cloud Functions for Firebase to serve content and I'd like to detect whether a user is logged in or not. I've set up a rewrite in my firebase.json that looks like this:

{
  "database": {
    "rules": "database.rules.json"
  },
  "hosting": {
    "public": "public",
    "rewrites": [{
      "source": "**",
      "function": "getProfile"
    }]
  }
}

This works fine and I'm serving appropriate content based on the path that's being requested. However, because I'm not doing anything on the client side (i.e. I'm using rewrites rather than client-side redirects), I'm missing the opportunity to get the current user from a client-side script.

Is there some way I can use a header or a property of the request object so that I can serve different content to logged in vs. non-logged in users in my server-side rewrites scenario?

Answer 1

Firebase Hosting passes along any cookie named __session when it calls a Cloud Function. An easy way to do this is to simply listen for ID tokens in your web app and set the cookie appropriately:

firebase.auth().onIdTokenChanged(user => {
  if (user) {
    user.getIdToken().then(token => {
      document.cookie = `__session=${token};max-age=3600`;
    });
  } else {
    document.cookie = '__session=;max-age=0';
  }
});

Then, in your Cloud Function, you can parse the ID token out of the cookie and verify it using code like in this sample.