Skip to main content

Authentication & Sessions

Quick links: Frontend β€’ Backend

Frontend​

  • apps/web/src/lib/firebaseClient.ts initializes Firebase and exposes helpers:
    • getFirebaseAuth() returns the client auth instance
    • Passwordless helpers: sendEmailSignInLink, completeEmailLinkSignInIfPresent
  • apps/web/src/context/AuthContext.tsx tracks user and subscription view state.
  • Session sync: on ID token changes, the client POSTs the token to the backend endpoint to mint an HTTP‑only cookie.

Related backend: see Backend

Backend​

  • apps/web/src/app/api/auth/session/route.js creates/clears the HTTP‑only __session cookie via Firebase Admin createSessionCookie().
  • apps/web/src/middleware.js enforces presence of __session on protected paths (e.g. /dashboard, /api/billing/*).

Related frontend: see Frontend