Introduction to Firebase Authentication

Firebase Authentication identifies and verifies users of an application. This creates personalized experiences for users across all devices. This is made possible through easy-to-use SDKs and ready-made UI libraries that Firebase provides to authenticate users.

Firebase Authentication uses JSON Web Tokens (JWTs) to authenticate users. It also supports authentication mechanisms like email/password and email/link combinations. It also allows phone number authentication, and social logins with popular federated identity providers like Google, Github, and Twitter.

Firebase Authentication seamlessly integrates with other Firebase services. It also supports industry standards like OAuth 2.0 and OpenID Connect; this allows effortless integration with an existing auth system or a custom backend.

How it works

Authentication of users typically consists of two steps: identification and verification. Users need to identify themselves by providing a unique identifier like an email address. Then, the user needs to prove their identity by providing details that only they would have access to. These details could either be a password or an OAuth token from a federated identity provider. These credentials are then securely sent to the server via a sign-in method provided by the Firebase Authentication SDK. Firebase then validates the credentials and sends back a response to the browser.

Upon successful sign-up or sign-in, Firebase creates an Auth instance for the user and provides a unique auth token to identify each user. Whenever a user makes a request to a Firebase resource or service, these auth tokens are sent along with the request. Firebase services, respond to these requests and grant access to Firebase services according to users’ permissions. The Auth instance then persists the current user’s state. This prevents the user from logging out if they refresh the browser or page.

Implementation

Before using Firebase Authentication, like any other Firebase service, we need to import and initialize the Firebase Auth service. We do this by calling the getAuth function imported from the firebase/auth subpackage. Then, we initialize the Firebase Auth service by calling the getAuth function and passing the Firebase App instance to it: