npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

wordpress-firebase-auth-bridge

v1.1.1

Published

API endpoint allowing users to authenticate in Firebase using Wordpress details.

Downloads

7

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

drptbldrptbl

Keywords

Readme

wordpress-firebase-auth-bridge

This is an API endpoint which is used by BRCS - Bot Remote Control System. It allows to authenticate users in Firebase with Wordpress details (using jwt). If user doesn't exist in Firebase it will be created first and then authenticated.

It works one-way-only so it creates and authenticates users from Wordpress in Firebase (doesn't work vice-versa yet).

In general what I wanted to achieve and what I actually achieved using this:

  • I've made a Wordpress Woocommerce online shop and wanted users from mobile app to have exactly the same authentication database as users from online shop
  • Users using online shop were authenticated by Wordpress database, but users using mobile app were authenticated by Wordpress first, then "copied" over to Firebase auth and then logged in to mobile app using Firebase SDK

You are thinking.. why not Wordpress only? Because I love Firebase features for mobile apps!

Features:

  • fully customizable
  • integrated with pm2 for auto-restarting, deployment and auto-scaling
  • rate limiting & brute force protection (uses redis in production to maintain banned users)
  • anti-ddos protection
  • bot protection (throws 404 for bots and crawlers)
  • integrated with cloudflare protection
  • saves logs to file
  • accept requests only from custom user agent (endpoint was used only by mobile app)
  • well integrated with pmx monitor & new relic

Endpoints:

  • status endpoint - /fb/status => GET
  • auth endpoint - /fb/auth => POST => format: {"username":"test","password":"test"}

Requirements:

Setup:

I will be honest here. There may be some steps missing so you will have to figure it out yourself (I've stopped using it because mobile app which uses it is not developed anymore).

  1. Install npm install --g babel-cli pm2
  2. Clone repository
  3. Run npm install
  4. Modify settings in these files:
    • ./keys/server.crt && ./keys/server.key => generate your own keys
    • ./serviceAccountKey.json => get whole file from Firebase project
    • ./newrelic.js
    • ./ecosystem.config.js
    • ./dev_ecosystem.config.js
    • ./settings.js
    • ./package.json => modify name of your app (if changed) in pre-defined commands

Things to keep-in-mind:

  • add your ssh key to deployment machine
  • configure pm2 on your deployment machine (pm2 link)
  • you could install some useful plugins for pmx monitor on deployment machine: (keep in mind that each of these has to be configured separately, also some of them are useless if you're not going to run Wordpress on same machine with Login API)
    • pm2 install pm2-server-monit
    • pm2 install pm2-php-fpm
    • pm2 install pm2-memcached
    • pm2 install pm2-mysql
    • pm2 install pm2-slack
    • pm2 install pm2-logrotate
  • you have to open some ports (for example in AWS security group => 2096 for API and 43554 for pmx monitor in my case)
  • if I recall correctly I had to exclude auth endpoint from cloudflare caching (somewhere on theirs website in domain settings)

Usage example:

  • Run setup first: pm2 deploy ecosystem.config.js dev setup
  • Then.. deploy!: pm2 deploy ecosystem.config.js prod
  • And save process to be run on next startup: pm2 save

Useful commands:

You can do all these steps above with one command npm run pm2devcleandeploy or if you already did setup you can do npm run pm2devdeploy. You can also remotely destroy already running instances with: npm run pm2devdeploydestroy and read logs using npm run pm2devdeploylogs or clean them up with npm run pm2devdeploycleanup.