DEV Community

loading...
Cover image for React + Firebase: A Simple Context-based Authentication Provider

React + Firebase: A Simple Context-based Authentication Provider

Denny Christochowitz
fullstack / consultant ๐Ÿง‘๐Ÿปโ€๐Ÿ’ป co-creator of ๐Ÿ‘‰ https://camjam.app
ใƒป3 min read

This post showcases a quick and easy way to make a Firebase-authenticated user available throughout your React web app.

We are using here plain React with Typescript, and no extra state management library like Redux involved.

Firebase offers us to register a callback that gets called every time a user is authenticated or signed out to get notified about the current authentication situation.

import firebase from "firebase/app";

firebase.auth().onAuthStateChanged((user) => {
  if (user) {
    console.log("authenticated", user);
  } else {
    console.log("signed out");
  }
});
Enter fullscreen mode Exit fullscreen mode

We thus could implement a React component that is interested in the authenticated user quite straightforward like this:

import * as React from "react";
import firebase from "firebase/app";

function CurrentUser() {
  const [user, setUser] = React.useState<firebase.User | null>(null);

  React.useEffect(() => {
    const unsubscribe = firebase.auth().onAuthStateChanged(setUser);
    return unsubscribe;
  }, []);

  return <div>{user?.displayName || "unauthenticated"}</div>;
}
Enter fullscreen mode Exit fullscreen mode

Our React component facilitates React.useEffect to register the Firebase onAuthStateChanged callback once after it was mounted. The effect returns the unsubscribe callback from onAuthStateChanged, ensuring that we don't run in any memory leaks.

Additionally, we have a state for the current user which's setter happens to match the callback signature perfectly.

This works just fine if only a single component in your React app is interested in the authentication state. Duplicating the state and effect for each other component would be cumbersome.

But more importantly, this approach works only for permanent (not conditionally rendered) components in our app's render tree, since otherwise, they might miss the initial authentication state because onAuthStateChanged only notifies changes.

One way to tackle this is to provide the authentication state globally utilizing a React context and companion hook. Let's start with the context first:

// FirebaseAuthContext.tsx
import * as React from "react";
import firebase from "firebase/app";

type User = firebase.User | null;
type ContextState = { user: User };

const FirebaseAuthContext =
  React.createContext<ContextState | undefined>(undefined);

const FirebaseAuthProvider: React.FC = ({ children }) => {
  const [user, setUser] = React.useState<User>(null);
  const value = { user };

  React.useEffect(() => {
    const unsubscribe = firebase.auth().onAuthStateChanged(setUser);
    return unsubscribe;
  }, []);

  return (
    <FirebaseAuthContext.Provider value={value}>
      {children}
    </FirebaseAuthContext.Provider>
  );
};

export { FirebaseAuthProvider };
Enter fullscreen mode Exit fullscreen mode

Few things to note here:

  • User is a type alias for the authenticated Firebase user returned by onAuthStateChanged. The callback is called with null if no user is authenticated.
  • ContextState is a type alias for the value provided by our context FirebaseAuthContext.
  • We do not expose FirebaseAuthContext directly. Instead we expose FirebaseAuthProvider which encapsulates FirebaseAuthContext.Provider and a onAuthStateChanged subscription. It's quite similar to the CurrentUser implementation above.

Now let's define a simple hook that gives components interested in the authenticated user access to it:

// FirebaseAuthContext.tsx
// ...

function useFirebaseAuth() {
  const context = React.useContext(FirebaseAuthContext);
  if (context === undefined) {
    throw new Error(
      "useFirebaseAuth must be used within a FirebaseAuthProvider"
    );
  }
  return context.user;
}

export { FirebaseAuthProvider, useFirebaseAuth };
Enter fullscreen mode Exit fullscreen mode

Our hook useFirebaseAuth simply facilitates React.useContext to access the previously defined context. We explicitly check for undefined to catch possible misuses as early as possible.

FirebaseAuthProvider usually is instantiated only once in an App, typically near the root in order to give all components below the opportunity to access the user via useFirebaseAuth. Here's a simple (constrived) example:

// example.ts
import * as React from "react";
import { FirebaseAuthProvider, useFirebaseAuth } from "./FirebaseAuthContext";

// ...initialize firebase

function App() {
  return (
    <FirebaseAuthProvider>
      <UserName />
      <UserEmail />
    </FirebaseAuthProvider>
  );
}

function UserName() {
  const user = useFirebaseAuth();
  return <div>{user?.displayName || "unauthenticated"}</div>;
}

function UserEmail() {
  const user = useFirebaseAuth();
  return <div>{user?.email || "-"}</div>;
}
Enter fullscreen mode Exit fullscreen mode

A few things to note:

  • Firebase initialization is left out for the sake of brevity. You can check it out here if you haven't already.
  • The hook can be used by any component below FirebaseAuthProvider regardless of nesting level.
  • Every notification of onAuthStateChange triggers a re-render.
  • If your app manages state with Redux or a similar library, you may be better off handling the authentication state there as well.

I've found this approach very simple to implement and apply. It is based on Kent C. Dodds excellent blog post "How to use React Context effectively". You should definitely go and check it out for a more detailed description and some more background info.

Thanks for reading ๐Ÿค—

If you liked it and don't mind, give it a โค๏ธ

Take care & happy coding ๐Ÿ™Œ

Photo by Markus Spiske on Unsplash

Discussion (4)

Collapse
mahamoti1129 profile image
Mahamoti1129

Just so you know, there's a reddit user reposting this content as his own on multiple subs:

reddit.com/r/reactjs/comments/nr8i...

Collapse
dchowitz profile image
Denny Christochowitz Author

Thx for letting me know. Seems that the reddit post has been deleted in the meantime...

Collapse
dchowitz profile image
Denny Christochowitz Author

Oh no, he spammed a lot of sub-reddits with my post. I'll report him.

Collapse
digizeph profile image
Mingwei Zhang

Thank you for the post. Very clear and helpful!