actix-firebase-auth
| Crates.io | actix-firebase-auth |
| lib.rs | actix-firebase-auth |
| version | 0.6.2 |
| created_at | 2025-06-03 04:07:13.435213+00 |
| updated_at | 2025-08-01 00:05:40.539735+00 |
| description | Firebase ID token verification for Actix Web using Google's JWKs |
| homepage | |
| repository | https://github.com/ekkolon/actix-firebase-auth |
| max_upload_size | |
| id | 1698638 |
| size | 146,941 |
Nelson Dominguez (ekkolon)
documentation
README
actix-firebase-auth
Lightweight Firebase Authentication integration for Actix Web.
✨ Features
This crate provides an easy way to verify Firebase ID tokens and extract authenticated users in Actix Web applications. It includes:
-
An Actix-compatible extractor to automatically validate and inject
FirebaseUserinto request handlers -
A strongly-typed interface to access decoded Firebase claims
-
Optional feature flags for Identity Provider (IdP) helpers, such as support for extracting Google-specific identity claims (
idp-google) -
Errors are mapped to appropriate HTTP status codes using Actix’s error conventions
-
Authentication failures include the WWW-Authenticate header in the response, as specified by RFC 7235, to ensure compatibility with HTTP authentication standards.
📦 Installation
cargo add actix-firebase-auth
🚀 Usage
The FirebaseUser struct implements Actix Web’s FromRequest trait, allowing seamless extraction directly within route handlers. When a route expects a FirebaseUser, the middleware automatically attempts to verify the Firebase ID token from the Authorization header.
If verification fails - due to a missing token, expiration, or invalid signature - the request is rejected with a 401 Unauthorized response, ensuring protected routes remain secure by default.
💡 Example
See the examples/server.rs for a minimal Actix Web server.
To run this example:
cargo run --example server
Make sure to include a valid Firebase ID token in the Authorization header when calling protected endpoints:
GET /protected HTTP/1.1
Host: api.example.com
Authorization: Bearer <Firebase_ID_Token>
🧪 Testing
The crate includes a test suite covering:
- Emulator behavior
- Invalid tokens and malformed input
- Valid RS256 JWTs with mocked keys
To run the tests:
cargo test
🔗 Similar Projects
This crate is a hard-fork of firebase-auth, rewritten for better compatibility within the Actix Web ecosystem.
⚖️ License
Licensed under either of
- MIT license (see LICENSE-MIT) or
- Apache License, Version 2.0 (see LICENSE-APACHE)
at your discretion.
🤝 Contributions
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in this work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.