From 91015387bd6070b069ef6724ebe461d0f6221cf3 Mon Sep 17 00:00:00 2001
From: Antony Budianto
Date: Sat, 7 Jan 2017 12:11:24 +0700
Subject: [PATCH] init middleware setup
---
.gitignore | 1 +
README.md | 41 +++++++++++++++++++++++++++++++++++++++++
index.js | 5 +++++
package.json | 29 +++++++++++++++++++++++++++++
src/auth.middleware.js | 25 +++++++++++++++++++++++++
src/util/logger.js | 11 +++++++++++
6 files changed, 112 insertions(+)
create mode 100644 .gitignore
create mode 100644 README.md
create mode 100644 index.js
create mode 100644 package.json
create mode 100644 src/auth.middleware.js
create mode 100644 src/util/logger.js
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..3c3629e
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+node_modules
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..dc82117
--- /dev/null
+++ b/README.md
@@ -0,0 +1,41 @@
+# Express Firebase Middleware
+
+Express middleware for your Firebase applications.
+
+## How to use
+1. Install the packages using npm
+ ```
+ npm install express firebase-admin express-firebase-middleware
+ ```
+
+ Both `express` and `firebase-admin` are peerDependencies.
+
+2. Require it in your express routes
+ ```
+ var firebaseMiddleware = require('express-firebase-middleware');
+
+ router.use('/api', firebaseMiddleware.auth);
+ ```
+
+3. Now make sure the client's requests have Authorization header like
+ ```
+ Authorization Bearer
+ ```
+
+ The client can get the token from their client SDK (Web, Android, iOS Firebase SDK)
+
+4. When requesting, and token is valid, you can get the `user` object from response
+ ```
+ router.get('/api/hello', (req, res) => {
+ res.json({
+ message: `You're logged in as ${res.locals.user.email} with Firebase UID: ${res.locals.user.uid}`
+ });
+ });
+ ```
+
+## Debug mode
+By default, the middleware will log and output to console, you can disable them by setting
+your environment variable for `APP_DEBUG` to `false`
+
+## License
+MIT
diff --git a/index.js b/index.js
new file mode 100644
index 0000000..469c92c
--- /dev/null
+++ b/index.js
@@ -0,0 +1,5 @@
+var auth = require('./src/auth.middleware');
+
+module.exports = {
+ auth
+};
diff --git a/package.json b/package.json
new file mode 100644
index 0000000..19e2322
--- /dev/null
+++ b/package.json
@@ -0,0 +1,29 @@
+{
+ "name": "express-firebase-middleware",
+ "version": "0.1.0",
+ "description": "Express middleware for your Firebase applications",
+ "main": "index.js",
+ "scripts": {
+ "test": "echo \"Error: no test specified\" && exit 1"
+ },
+ "repository": {
+ "type": "git",
+ "url": "git+https://github.com/antonybudianto/express-firebase-middleware.git"
+ },
+ "keywords": [
+ "express",
+ "firebase",
+ "middleware",
+ "auth"
+ ],
+ "author": "Antony Budianto ",
+ "license": "MIT",
+ "bugs": {
+ "url": "https://github.com/antonybudianto/express-firebase-middleware/issues"
+ },
+ "homepage": "https://github.com/antonybudianto/express-firebase-middleware#readme",
+ "peerDependencies": {
+ "express": "^4.14.0",
+ "firebase-admin": "^4.0.4"
+ }
+}
diff --git a/src/auth.middleware.js b/src/auth.middleware.js
new file mode 100644
index 0000000..5747934
--- /dev/null
+++ b/src/auth.middleware.js
@@ -0,0 +1,25 @@
+var admin = require.main.require('firebase-admin');
+
+var logger = require('./util/logger');
+
+function firebaseAuthMiddleware(req, res, next) {
+ let authorization = req.header('Authorization');
+ if (authorization) {
+ let token = authorization.split(' ');
+ admin.auth().verifyIdToken(token[1])
+ .then((decodedToken) => {
+ logger.log(decodedToken);
+ res.locals.user = decodedToken;
+ next();
+ })
+ .catch(err => {
+ logger.log(err);
+ res.sendStatus(401);
+ });
+ } else {
+ logger.log('Authorization header is not found');
+ res.sendStatus(401);
+ }
+}
+
+module.exports = firebaseAuthMiddleware;
diff --git a/src/util/logger.js b/src/util/logger.js
new file mode 100644
index 0000000..8e6ef46
--- /dev/null
+++ b/src/util/logger.js
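Review bot: In src/auth.middleware.js, `authorization.split(' ')` followed by `verifyIdToken(token[1])` never checks the scheme or that a second element exists, so a non-Bearer header has its value handed to the verifier and a header without a space passes `undefined`. Depending on the firebase-admin version, a non-string argument may throw synchronously instead of rejecting, which would bypass the `.catch` and surface as an unhandled error rather than a 401; this is worth confirming against the supported `^4.0.4` range. I would guard before the call with `let parts = authorization.split(' ');` and `if (parts.length !== 2 || parts[0] !== 'Bearer') { logger.log('Malformed Authorization header'); return res.sendStatus(401); }`. Separately, `logger.log(decodedToken)` writes the full verified claim set (the README shows it carries `email` and `uid`) to the console; logging only `decodedToken.uid` would keep personal data out of logs.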
@@ -0,0 +1,11 @@
+var debug = process.env.APP_DEBUG || true;
+
+function log() {
+ if (!debug) return;
+
+ console.log.apply(null, arguments);
+}
+
+module.exports = {
+ log
+};
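Review bot: `var debug = process.env.APP_DEBUG || true;` can never evaluate to a falsy value, so the `if (!debug) return;` guard in `log()` is dead and logging cannot be switched off. Environment variables are strings, so `APP_DEBUG=false` yields the truthy string `'false'`, and an unset or empty variable falls through to `true`; the README's instruction to set `APP_DEBUG` to `false` therefore has no effect. This matters because the auth middleware sends decoded tokens and verification errors through this logger. Compare against the string instead, e.g. `var debug = process.env.APP_DEBUG !== 'false';`, and consider `console.log.apply(console, arguments)` so the receiver is explicit.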