Firebase Cloud Functions HTTP Basic Auth

Question

I need to create an API endpoint that returns PDFs. This endpoint is intended to be accessed by Twilio to use with their faxing API. However, the only way to do this with authentication is with HTTP Basic Auth.

Doing this seems easy enough with the express-basic-auth npm package. However, I'm not sure about the logistics with my tech stack. I use Firebase, Firestore and Cloud Functions.

How can I securely implement this HTTP Basic Auth with Cloud Functions? I can't use Firebase's Auth product bc like I said, another API needs to interact with this endpoint, not an actual person. I will have numerous internal username & passwords, should I store these in a database, Firestore? Hardcode it in an array in the function?

The ultimate question is, should I store the username passwords in a Firestore document?

Answer 1

You can also add a middleware function instead of using an express app

const applyMiddleware = handler => (req, res) => {
  return auth(req, res, () => {
    return handler(req, res)
  })
}
exports.successTest = functions.https.onRequest(applyMiddleware((req, res) => res.send({ success: true })))

To see a simple solution with no middleware see this SO answer

Answer 2

According to this Firebase documentation, Google supports express apps in their stack. Thus you can simply create your middleware as explained in the package documentation of express-basic-auth:

const app = require('express')()
const basicAuth = require('express-basic-auth')
 
app.use(basicAuth({
    users: { 'admin': 'supersecret' }
}))

And use the app in your cloud function as described here:

exports.api = functions.https.onRequest(app);