Authentication

Secure user authentication with multiple providers for your Blazor WebAssembly applications.

Blazor WebAssembly Only

FireBlazor Authentication is currently designed for Blazor WebAssembly applications only. Blazor Server support is being evaluated for future releases.

Overview

FireBlazor provides comprehensive authentication support with multiple providers. The authentication module integrates seamlessly with Blazor's authorization system, allowing you to use standard [Authorize] attributes and <AuthorizeView> components.

Supported authentication methods include:

Email/Password - Traditional email and password authentication
Google OAuth - Sign in with Google accounts
GitHub OAuth - Sign in with GitHub accounts
Microsoft OAuth - Sign in with Microsoft accounts

Email/Password Authentication

Email and password authentication allows users to create accounts and sign in using their email address and a password.

Sign In with Email

Use SignInWithEmailAsync to authenticate existing users with their email and password.

// Sign in an existing user
var result = await Firebase.Auth.SignInWithEmailAsync("user@example.com", "password");

if (result.IsSuccess)
{
    var user = result.Value;
    Console.WriteLine($"Welcome, {user.DisplayName}!");
}
else
{
    Console.WriteLine($"Error: {result.Error.Message}");
}

Create User with Email

Use CreateUserWithEmailAsync to register new users with an email and password.

// Create a new user account
var result = await Firebase.Auth.CreateUserWithEmailAsync("user@example.com", "password");

if (result.IsSuccess)
{
    var user = result.Value;
    Console.WriteLine($"Account created for {user.Email}");
}
else
{
    Console.WriteLine($"Error: {result.Error.Message}");
}

OAuth Providers

FireBlazor supports popular OAuth providers for social sign-in. Each provider opens a popup window for the authentication flow.

Sign In with Google

Allow users to authenticate using their Google account.

// Sign in with Google OAuth
var result = await Firebase.Auth.SignInWithGoogleAsync();

if (result.IsSuccess)
{
    var user = result.Value;
    Console.WriteLine($"Signed in as {user.DisplayName}");
}

Sign In with GitHub

Allow users to authenticate using their GitHub account.

// Sign in with GitHub OAuth
var result = await Firebase.Auth.SignInWithGitHubAsync();

if (result.IsSuccess)
{
    var user = result.Value;
    Console.WriteLine($"Signed in as {user.DisplayName}");
}

Sign In with Microsoft

Allow users to authenticate using their Microsoft account.

// Sign in with Microsoft OAuth
var result = await Firebase.Auth.SignInWithMicrosoftAsync();

if (result.IsSuccess)
{
    var user = result.Value;
    Console.WriteLine($"Signed in as {user.DisplayName}");
}

Sign Out

Use SignOutAsync to sign out the current user and clear their authentication state.

// Sign out the current user
await Firebase.Auth.SignOutAsync();

Console.WriteLine("User signed out successfully");

Get ID Token

Use GetIdTokenAsync to retrieve the current user's Firebase ID token. This token can be used to authenticate requests to your backend services.

// Get the current ID token
var tokenResult = await Firebase.Auth.GetIdTokenAsync();

if (tokenResult.IsSuccess)
{
    var token = tokenResult.Value;
    // Use token for API calls
}

Force Refresh Token

Pass forceRefresh: true to force a token refresh, even if the current token is still valid.

// Force refresh the ID token
var tokenResult = await Firebase.Auth.GetIdTokenAsync(forceRefresh: true);

if (tokenResult.IsSuccess)
{
    var freshToken = tokenResult.Value;
    // Token is guaranteed to be freshly retrieved
}

User Properties

The FirebaseUser object provides access to various user properties after authentication.

FirebaseUser user = Firebase.Auth.CurrentUser;

// Basic properties
string uid = user.Uid;                    // Unique user ID
string email = user.Email;                // User's email address
string displayName = user.DisplayName;    // User's display name
string photoUrl = user.PhotoUrl;          // Profile photo URL

// Verification status
bool isVerified = user.IsEmailVerified;   // Email verification status
bool isAnonymous = user.IsAnonymous;      // Anonymous auth status

// Provider information
IEnumerable<string> providers = user.Providers;  // List of auth providers

// Timestamps
DateTime? createdAt = user.CreatedAt;         // Account creation time
DateTime? lastSignIn = user.LastSignInAt;     // Last sign-in time

Available Properties

Property	Type	Description
`Uid`	`string`	Unique identifier for the user
`Email`	`string`	User's email address
`DisplayName`	`string`	User's display name
`PhotoUrl`	`string`	URL to the user's profile photo
`IsEmailVerified`	`bool`	Whether the user's email has been verified
`IsAnonymous`	`bool`	Whether the user is signed in anonymously
`Providers`	`IEnumerable<string>`	List of authentication providers linked to this account
`CreatedAt`	`DateTime?`	When the user account was created
`LastSignInAt`	`DateTime?`	When the user last signed in

Auth State Changes

Subscribe to the OnAuthStateChanged event to react to authentication state changes. This is useful for updating your UI when users sign in or out.

@inject IFirebase Firebase

<h3>Welcome, @_user?.DisplayName</h3>

@code {
    private FirebaseUser? _user;

    protected override void OnInitialized()
    {
        // Get initial user state
        _user = Firebase.Auth.CurrentUser;

        // Subscribe to auth state changes
        Firebase.Auth.OnAuthStateChanged += HandleAuthStateChanged;
    }

    private void HandleAuthStateChanged(FirebaseUser? user)
    {
        _user = user;
        InvokeAsync(StateHasChanged);
    }

    public void Dispose()
    {
        // Unsubscribe when component is disposed
        Firebase.Auth.OnAuthStateChanged -= HandleAuthStateChanged;
    }
}

Remember to Unsubscribe

Always unsubscribe from the OnAuthStateChanged event when your component is disposed to prevent memory leaks. Implement IDisposable and remove the event handler in the Dispose method.