Cloudflare Workers compatible Firebase Admin SDK using REST APIs
npm install @sions/firebase-admin-edgeCloudflare Workers compatible Firebase Admin SDK using REST APIs and Web Standard APIs.
- ✅ 100% Cloudflare Workers Compatible - Uses only Web Standard APIs
- ✅ Firebase Authentication - User management, token verification, email links
- ✅ Firebase Realtime Database - Read, write, queries, transactions
- ✅ OAuth2 Token Generation - Service account authentication
- ✅ TypeScript First - Full type definitions included
- ✅ Zero Node.js Dependencies - Works in any JavaScript runtime (Workers, Deno, Bun)
- ✅ Firebase Emulator Support - Local development ready
``bash`
npm install @sions/firebase-admin-edge
Set these environment variables and the SDK will auto-configure:
`bash`
FIREBASE_ADMIN_PROJECT_ID=your-project-id
FIREBASE_ADMIN_CLIENT_EMAIL=your-service-account@project.iam.gserviceaccount.com
FIREBASE_ADMIN_PRIVATE_KEY="-----BEGIN PRIVATE KEY-----\n...\n-----END PRIVATE KEY-----\n"
Then use the SDK directly:
`typescript
import { getAuth, verifyIdToken } from '@sions/firebase-admin-edge';
// Verify ID token
const decoded = await verifyIdToken(idToken);
console.log(decoded.uid);
// Get user info
const auth = getAuth();
const user = await auth.getUser(decoded.uid);
console.log(user.email);
`
`typescript
import { initializeApp, getAuth, getDatabase } from '@sions/firebase-admin-edge';
// Initialize once at app startup
initializeApp({
projectId: 'your-project-id',
clientEmail: 'your-service-account@project.iam.gserviceaccount.com',
privateKey: process.env.FIREBASE_PRIVATE_KEY!
});
// Use Auth
const auth = getAuth();
const user = await auth.getUser('user-uid');
// Use Database
const db = getDatabase();
const snapshot = await db.ref('/users').get();
`
#### Verify ID Token
`typescript
import { verifyIdToken } from '@sions/firebase-admin-edge';
const decoded = await verifyIdToken(idToken);
console.log('User ID:', decoded.uid);
console.log('Email:', decoded.email);
`
#### User Management
`typescript
import { getAuth } from '@sions/firebase-admin-edge';
const auth = getAuth();
// Get user by UID
const user = await auth.getUser('user-uid');
// Get user by email
const userByEmail = await auth.getUserByEmail('user@example.com');
// Create new user
const newUser = await auth.createUser({
email: 'new-user@example.com',
password: 'SecurePassword123!',
displayName: 'New User'
});
// Update user
await auth.updateUser('user-uid', {
displayName: 'Updated Name',
photoURL: 'https://example.com/photo.jpg'
});
// Delete user
await auth.deleteUser('user-uid');
`
#### Email Action Links
`typescript
import { generatePasswordResetLink, generateEmailVerificationLink } from '@sions/firebase-admin-edge';
// Generate password reset link
const resetLink = await generatePasswordResetLink('user@example.com');
console.log('Reset link:', resetLink);
// Generate email verification link
const verifyLink = await generateEmailVerificationLink('user@example.com');
console.log('Verification link:', verifyLink);
`
#### Basic Operations
`typescript
import { getDatabase } from '@sions/firebase-admin-edge';
const db = getDatabase();
// Read data
const snapshot = await db.ref('/users/user-id').get();
const data = snapshot.val();
// Write data
await db.ref('/users/user-id').set({
name: 'John Doe',
email: 'john@example.com'
});
// Update data
await db.ref('/users/user-id').update({
lastLogin: Date.now()
});
// Delete data
await db.ref('/users/user-id/temp').remove();
// Push new child
const newRef = db.ref('/posts').push();
await newRef.set({
title: 'New Post',
content: 'Hello World'
});
`
#### Queries
`typescript
const db = getDatabase();
// Order by child
const byAge = await db.ref('/users')
.orderByChild('age')
.get();
// Limit results
const topUsers = await db.ref('/users')
.orderByChild('score')
.limitToLast(10)
.get();
// Range queries
const adults = await db.ref('/users')
.orderByChild('age')
.startAt(18)
.endAt(100)
.get();
// Equal to
const admin = await db.ref('/users')
.orderByChild('role')
.equalTo('admin')
.get();
`
#### Transactions
`typescript
const db = getDatabase();
// Atomic counter increment
const result = await db.ref('/counters/visits').transaction((current) => {
return (current || 0) + 1;
});
console.log('New count:', result.snapshot.val());
console.log('Committed:', result.committed);
`
`typescript
// worker.ts
import { initializeApp, verifyIdToken, getDatabase } from '@sions/firebase-admin-edge';
export default {
async fetch(request: Request, env: Env): Promise
// Initialize with Workers environment variables
initializeApp({
projectId: env.FIREBASE_PROJECT_ID,
clientEmail: env.FIREBASE_CLIENT_EMAIL,
privateKey: env.FIREBASE_PRIVATE_KEY
});
// Verify authorization token
const authHeader = request.headers.get('Authorization');
if (!authHeader?.startsWith('Bearer ')) {
return new Response('Unauthorized', { status: 401 });
}
const idToken = authHeader.substring(7);
const decoded = await verifyIdToken(idToken);
// Access database
const db = getDatabase();
const userData = await db.ref(/users/${decoded.uid}).get();
return Response.json({
user: decoded,
data: userData.val()
});
}
};
`
`typescript
import { initializeApp } from '@sions/firebase-admin-edge';
initializeApp({
projectId: 'demo-project',
clientEmail: 'test@demo.com',
privateKey: '-----BEGIN PRIVATE KEY-----\nfake-key\n-----END PRIVATE KEY-----\n',
authEmulatorHost: '127.0.0.1:9099',
databaseEmulatorHost: '127.0.0.1:9000'
});
`
Or use environment variables:
`bash`
VITE_USE_FIREBASE_EMULATOR=true
VITE_FIREBASE_AUTH_EMULATOR_HOST=127.0.0.1:9099
VITE_FIREBASE_DATABASE_EMULATOR_HOST=127.0.0.1:9000
- getAuth() - Get Auth instanceverifyIdToken(token)
- - Verify Firebase ID tokengetUser(uid)
- - Get user by UIDgetUserByEmail(email)
- - Get user by emailcreateUser(request)
- - Create new userupdateUser(uid, request)
- - Update userdeleteUser(uid)
- - Delete usergeneratePasswordResetLink(email)
- - Generate password reset linkgenerateEmailVerificationLink(email)
- - Generate email verification link
- getDatabase() - Get Database instanceref(path)
- - Get reference to pathget()
- - Read dataset(value)
- - Write dataupdate(values)
- - Update dataremove()
- - Delete datapush()
- - Generate new child locationtransaction(updateFn)
- - Atomic transactionorderByChild(path)
- - Order query by childorderByKey()
- - Order query by keyorderByValue()
- - Order query by valuelimitToFirst(limit)
- - Limit to first NlimitToLast(limit)
- - Limit to last NstartAt(value)
- - Range startendAt(value)
- - Range endequalTo(value)
- - Equal to value
- initializeApp(config) - Initialize SDKgetProjectId()
- - Get project IDisEmulatorMode()
- - Check if using emulatorgetEnvironmentMode()
- - Get current mode
- getAccessToken() - Get OAuth2 access tokenclearTokenCache()
- - Clear token cacheisTokenExpired(token)
- - Check if token expiredgeneratePushId()
- - Generate Firebase push ID
Full TypeScript definitions included:
`typescript`
import type {
UserRecord,
DecodedIdToken,
CreateUserRequest,
UpdateUserRequest,
DataSnapshot,
TransactionResult
} from '@sions/firebase-admin-edge';
`typescript
import {
FirebaseError,
FirebaseAuthError,
FirebaseDatabaseError,
isFirebaseError
} from '@sions/firebase-admin-edge';
try {
await auth.getUser('invalid-uid');
} catch (error) {
if (isFirebaseError(error)) {
console.error('Firebase error:', error.code, error.message);
}
}
`
library (Web Crypto-based JWT)
- Pure TypeScript/JavaScript$3
- Node.js built-in modules (fs, path, crypto, http, etc.)
- Node.js-specific APIs (Buffer, process.*`)Apache-2.0
Contributions welcome! This project maintains 100% Cloudflare Workers compatibility.
- Use only Web Standard APIs
- No Node.js built-in modules
- Test with Firebase Emulator
- Maintain TypeScript strict mode
- npm package
- GitHub Repository
- Cloudflare Workers Docs
- Firebase Documentation
- Create an issue on GitHub for bug reports
- Check existing issues before creating new ones
- Include error messages and runtime environment details