United Kingdom: +44 (0)208 088 8978

FsHttp and Firebase Auth: A quick demonstration

Dragos gives a quick overview of how to use the Firebase Auth API with F# scripts

We're hiring Software Developers

Click here to find out more

Firebase provides multiple backend functionalities in the cloud. It can provide access to a NoSQL DB (Firestore), an authentication system, analytics and much more. It also provides a free tier, which—combined with all the handy services—can help a lot with quickly prototyping applications.

In this blog post, I want to show you how to write an F# script that uses FsHttp to enable Firebase's Auth API. Please note that this is just a quick way to experiment with Firebase's Auth service and should not be used in production 🙂

Set up

First, let's make sure we have a Firebase project set up. Going to the Firebase console we add a new project.

Once the project has been created you should be able to see Authentication on the left side after clicking Build.

Now go to Authentication and create it. Once done you should see a list of sign-in providers. Authentication provides different types of providers, including third parties, which can be quite easy to integrate.

For now, let's activate the Email/Password provider: click on it and enable it. Once enabled it should be ready for use.

Firebase has a pretty extensive REST API with good documentation. We will need our Web API Key for all of the requests, which can be found in Project settings.

Note: Make sure you enabled a provider otherwise the key will not appear

For calling the API I will be using the FsHttp library.

#r "nuget: FsHttp, 10.0.0"

open FsHttp

Sign up

To sign up we need to provide an email and password:

http {
    POST "https://identitytoolkit.googleapis.com/v1/accounts:signUp?key=yourAPIkey"
    body

    jsonSerialize
        {| email = "brucewayne@compositional-it.com"
           password = "123456" |}
}
|> Request.send
|> Response.toJson

You should see a JSON response like this:

{
  "kind": "identitytoolkit#SignupNewUserResponse",
  "idToken": "idToken",
  "email": "brucewayne@compositional-it.com",
  "refreshToken": "refreshToken",
  "expiresIn": "3600",
  "localId": "fSf5BKPgeDPKKUlevKm9p2XAr7d2"
}

idToken will be used for identifying the user and expiresIn is the time until we would have to authenticate again using the sign in. If the time expires, we can longer do certain operations on the user like getting the user data.

When you check the Firebase console you should be able to see this:

The response can also indicate errors, like invalid email, email already exists and too many attempts.

{
  "error": {
    "code": 400,
    "message": "INVALID_EMAIL",
    "errors": [
      {
        "message": "INVALID_EMAIL",
        "domain": "global",
        "reason": "invalid"
      }
    ]
  }
}

Sign in

The code is similar for Sign In, but this time I will get the read the idToken into F#.

let response =
    http {
        POST
            "https://identitytoolkit.googleapis.com/v1/accounts:signInWithPassword?key=yourAPIkey"

        body

        jsonSerialize
            {| email = "brucewayne@compositional-it.com"
               password = "123456"
               returnSecureToken = true |}
    }
    |> Request.send
    |> Response.toJson

let idToken = response?idToken |> string

Get Details

The idToken can be used to get data about the user:

http {
    POST "https://identitytoolkit.googleapis.com/v1/accounts:lookup?key=yourAPIkey"
    body
    jsonSerialize {| idToken = idToken |}
}
|> Request.send
|> Response.toJson

You should a response like this:

{
  "kind": "identitytoolkit#GetAccountInfoResponse",
  "users": [
    {
      "localId": "011gpOCgdt4eFo8Q7SIfyjt3x1",
      "email": "brucewayne@compositional-it.com",
      "passwordHash": "hash=",
      "emailVerified": false,
      "passwordUpdatedAt": 1679591743915,
      "providerUserInfo": [
        {
          "providerId": "password",
          "federatedId": "brucewayne@compositional-it.com",
          "email": "brucewayne@compositional-it.com",
          "rawId": "brucewayne@compositional-it.com"
        }
      ],
      "validSince": "1679591743",
      "lastLoginAt": "1679591743915",
      "createdAt": "1679591743915",
      "lastRefreshAt": "2023-03-23T17:15:43.915Z"
    }
  ]
}

Remove

Lastly, if we want to remove the user:

http {
    POST "https://identitytoolkit.googleapis.com/v1/accounts:delete?key=AIzaSyAT7g9Bms6UbkbDOFkUPpIbmy38KyOrl54"
    body
    jsonSerialize {| idToken = idToken |}
}
|> Request.send
|> Response.toJson

The response will be this:

{
  "kind": "identitytoolkit#DeleteAccountResponse"
}

Conclusion

In this blog post, we looked at how to use Firebase's Auth API with FsHttp. I hope you found it interesting 🙂