strapi-plugin-firebase-authentication/dist/server/src/services/firebaseService.d.ts

Allows easy integration between clients utilizing Firebase for authentication and Strapi

declare const _default: ({ strapi }: {
    strapi: any;
}) => {
    getUserAttributes(): Promise<any>;
    delete: (entityId: any) => Promise<{
        success: boolean;
    }>;
    validateExchangeTokenPayload: (requestPayload: any) => Promise<any>;
    decodeIDToken: (idToken: any) => Promise<any>;
    overrideFirebaseAccess: (overrideUserId: string, populate?: string[]) => Promise<{
        user: any;
        jwt: any;
    }>;
    checkIfUserExists(decodedToken: any): Promise<any>;
    fetchUser: (decodedToken: any) => Promise<any>;
    generateJWTForCurrentUser: (user: any) => Promise<any>;
    createStrapiUser(decodedToken: any, idToken: any, profileMetaData: any): Promise<any>;
    validateFirebaseToken: (idToken: string, profileMetaData?: any, populate?: string[]) => Promise<{
        user: any;
        jwt: any;
    }>;
    /**
     * Authenticates a user with email and password through Firebase Identity Toolkit API
     *
     * @param ctx - Koa context object containing the HTTP request and response
     * @returns Response object containing user and JWT token
     *
     * @throws ValidationError - When email/password are missing or invalid
     * @throws ApplicationError - When Firebase Web API key is not configured or authentication fails
     *
     * @example
     * ```typescript
     * // Request
     * POST /api/firebase-authentication/emailLogin
     * {
     *   "email": "user@example.com",
     *   "password": "securePassword123"
     * }
     *
     * // Response
     * {
     *   "user": {
     *     "id": 1,
     *     "email": "user@example.com",
     *     "username": "user",
     *     "confirmed": true,
     *     "blocked": false
     *   },
     *   "jwt": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."
     * }
     * ```
     *
     * @remarks
     * This method acts as a proxy to Firebase's REST API, eliminating the need for
     * Firebase SDK on the client. It performs the following steps:
     * 1. Validates email and password inputs
     * 2. Retrieves Firebase Web API key from configuration
     * 3. Calls Firebase Identity Toolkit API for authentication
     * 4. Processes Firebase response and handles errors
     * 5. Looks up or creates Strapi user
     * 6. Generates and returns Strapi JWT token
     */
    emailLogin: (email: string, password: string, populate?: string[]) => Promise<{
        user: any;
        jwt: any;
    }>;
    /**
     * Forgot password flow - sends reset email with custom JWT token
     * Public endpoint that sends a password reset email with a custom token
     * The token links to your frontend app, not Firebase's hosted UI
     */
    forgotPassword: (email: string) => Promise<{
        message: string;
    }>;
    /**
     * Reset password with authenticated JWT
     * Allows authenticated users (or admins) to change a user's Firebase password
     *
     * @param ctx - Koa context with JWT in Authorization header and new password in body
     * @returns User object and fresh JWT for auto-login
     *
     * @remarks
     * Use cases:
     * 1. Admin-initiated password reset (via admin panel)
     * 2. User-initiated password change (when already authenticated)
     *
     * NOT used for forgot password email flow - that now uses Firebase's hosted UI
     *
     * @param password - New password to set
     * @param user - Authenticated user from ctx.state.user (populated by is-authenticated policy)
     * @param populate - Fields to populate in response
     */
    resetPassword: (password: string, user: any, populate: any[]) => Promise<{
        user: any;
        jwt: any;
    }>;
    /**
     * Request Magic Link for passwordless authentication
     * Generates a sign-in link using Firebase Admin SDK
     * Note: Verification requires client-side completion
     */
    requestMagicLink(email: string): Promise<{
        debug: {
            linkSent: any;
            email: string;
            message: any;
        };
        success: boolean;
        message: string;
        requiresFrontend: boolean;
        verificationUrl: any;
    } | {
        success: boolean;
        message: string;
        requiresFrontend: boolean;
        verificationUrl: any;
    }>;
    /**
     * Send email verification - public endpoint
     * Generates a verification token and sends an email to the user
     * Security: Always returns generic success message to prevent email enumeration
     */
    sendVerificationEmail(email: string): Promise<{
        message: string;
    }>;
    /**
     * Verify email with token - public endpoint
     * Validates the token and marks the user's email as verified in Firebase
     */
    verifyEmail(token: string): Promise<{
        success: boolean;
        message: string;
    }>;
    /**
     * Check if a password is valid for the authenticated user
     * Uses Firebase Identity Toolkit API to verify the password
     *
     * @param user - Authenticated user from ctx.state.user
     * @param password - Password to check
     * @returns { valid: true } or { valid: false }
     */
    checkPassword(user: any, password: string): Promise<{
        valid: boolean;
    }>;
};
export default _default;