Session architecture
Firebase handles identity. The Next.js BFF stores the resulting auth state in a secure HTTP-only cookie so browser code never needs direct access after the exchange.
Firebase handles identity. The BFF exchanges the ID token for a secure HTTP-only session cookie.
Google sign-in also needs to be enabled in Firebase Authentication under the Google provider.
New here? Create an account