Edit on GitHubThis course is no longer maintained and may be out-of-date. While it remains available for reference, its content may not reflect the latest updates, best practices, or supported features.
Setup Hasura JWT Parsing
Usually with Firebase Auth and Hasura we can use the standard JWK url as described here.
However, with Firebase Session cookies they need a different format which we'll have to add manually. Hopefully in the future this can improve.
In
login.tsxaddconsole.log(cookie)afterconst cookie = await admin.auth().createSessionCookie(idToken, { expiresIn });and go through the login process to get the cookie JWT tokenOpen jwt.io and paste your JWT in.
In the decoded headers section, note the
kid:property. Take the value of that, open https://www.googleapis.com/identitytoolkit/v3/relyingparty/publicKeys, and find the public certificate that matches.We now build our Hasura JWT secret config
{"type":"RS256", "key": "<Firebase public cert from previous step>", "audience": "<firebase project id>", "issuer": "https://session.firebase.google.com/<firebase project id>", "claims_map": {"x-hasura-allowed-roles": ["user"], "x-hasura-default-role": "user", "x-hasura-user-id": {"path":"$.sub"} }}
By default, we assign a logged-in user the role of user using the claims map feature.
Save this config for an upcoming step.
Build apps and APIs 10x faster- Built-in authorization and caching
- 8x more performant than hand-rolled APIs
