If you authenticate with Firebase in your app, authenticating with your API is very easy, as the Firebase token is a JWT.

All we really need to is implement a Guard with a user function that returns an Authenticatable object.

Because our user is actually stored in the JWT token, we can completely skip the custom User Provider class, as we can simply return an Authenticable object directly from our Guard.

Step 1: Configure Laravel to use our custom guard in config/auth.php

Step 2: Add our custom guard to the Auth manager

Step 3: Add some dependencies

Run composer require kreait/firebase-tokens to add the library which will verify our tokens for us. Then tell Laravel how to create our token verifier:

Note: You should put your project name in your .env, set it in config/services.php and finally retrieve it using config('services.firebase.project_id')

Step 4: Implement our Guard and Authenticatable

Create App\Firebase\Guard.php with the following:

Then create App\Firebase\User.php with the following:

You probably want to customise this User class with specific needs for your application. For example adding Authorizable, or adding JSONSerializable.

Step 5: Add some API methods

Here’s a little example which just returns the user as JSON:

Step 6: Get a token from Firebase and use your API

Here’s a little code snippet which logs in, gets a token and makes an API call:

There we have it — stateless authentication via Firebase for your Laravel app!

Let me know if you have any questions in the comments.

Solutions Architect. Technical Lead. Full-stack Developer. http://craigmorris.io