Google Cloud Platform

How to authenticate users on Google App Engine using Firebase

Google App Engine offers a variety of user sign-in options, but what if you need a full stack solution for authentication, including verifying access tokens on the server? Meet Firebase Authentication, a complete sign-in experience that provides a drop-in UI, powerful SDKs, and, yes, backend services for token verification.

Firebase, Google’s backend as a service offering for creating mobile and web applications, has Node.js and Java server SDKs for integrating your own servers with Firebase Authentication. The Firebase Java server SDK offers a built-in method for verifying and decrypting tokens that you can use for authentication in Java App Engine apps, but no such SDK currently exists for the rest of the backend languages in App Engine.

Because using third-party JSON Web Token (JWT) libraries to manage authentication for other languages can be difficult, we just published a solution for Firebase Authentication on App Engine with Python, the first in a series for App Engine languages.

The tutorial walks you through a simple note-taking application called Firenotes that stores users’ notes in their own personal notebooks, which are identified by a unique user ID generated by Firebase. The application stores credentials in Google Cloud Datastore, but you can store them in any database, and even integrate your existing credentialing system with the user-ID-based method that Firebase uses.

(click to enlarge)

As the diagram above demonstrates, Firebase both mints the access tokens and provides public key certificates to verify them, so you need only to implement the verification code, which we have written for you.

We hope this solution helps you handle authentication quickly, so you can get back to writing the meat of the next great app!