Explanations

Using Firebase for Authentication

Note

The Django documentation tells us that: “authentication verifies a user is who they claim to be, and authorization determines what an authenticated user is allowed to do.” Django uses the term “authentication” to refer to both tasks. We will follow this convention in this explanation.

Why are we using Firebase for authentication?

ClinGen has many services. None of these services use the same authentication system. We want to have the same authentication system across different ClinGen services. PharmGKB is also planning on using Firebase. Firebase also provides some niceties like signing in with your Google or Microsoft account instead of the typical email and password login. Firebase also handles sending password reset emails.

How does authentication with Firebase work?

At a high level, here’s what happens:

• The user navigates to the login page.

• The user clicks the “Log In With Google” button or logs in with their email and password.

• On the frontend, JavaScript is used to get a token [1] from Firebase.

• On the frontend, JavaScript is used to send the token to the backend.

• The backend verifies the token using the Firebase Admin SDK.

• The backend returns a response to the frontend.

• The frontend handles the response from the server.

How do we integrate Firebase with Django?

Django has its own authentication system. However, Django allows you to customize the authentication system. Django has a concept of “authentication backends.” The default authentication backend is django.contrib.auth.backends.ModelBackend. To integrate Firebase, we use a custom authentication backend.

Footnotes

[1]

These tokens are JSON Web Tokens.

Using Bun

What is Bun?

Bun is a JavaScript runtime similar to NodeJS and Deno.

Why are we using Bun?

We use Bun to track our JavaScript dependencies in package.json, and we use Bun to build these JavaScript dependencies. In some cases, we use Bun to copy the already-built JavaScript dependencies from the node_modules directory into the static directory where Django takes over.

Bun is significantly faster than NodeJS and somewhat faster than Deno. Bun provides a pleasant developer experience.

What is the js directory for?

The js directory houses JavaScript modules that need to be built using Bun and then copied into the static directory.