How to implement a custom auth guard for Firebase in Adonis.js?

[TheAdamGalloway]

I'm new to Adonis.js and have came across an issue when extending the official auth package. My application has requirements for two auth methods for different user types, one being email + password with tokens as the transport (easy enough), the other being able to take Firebase tokens and check against my users table to see if the phone number within the token is present.

Firebase tokens are simply JWTs which contain a phoneNumber property within the payload. I will already have the phone number for my users stored in the database, so I just need to query the phone number from the JWT before making a request in order to get the full user object.

I don't understand where to start with creating my own custom 'guard', the documentation has a guide on creating a custom user provider, but that seems to just be the methods for finding the users from the data source (not decoding the tokens, etc.). The actual code for interpreting the JWT is simple, I just don't know where to put it.

I know I could implement this using custom middleware instead of extending the auth package, but I think it might give me some benefit down the road to do it the proper way.

[thetutlage]

Are you just looking to verify JWT token on every request to check if it is valid. Or do you also want to generate the Firebase token from the AdonisJS app when the user logins?

[TheAdamGalloway]

The token is generated by Firebase's server and sent to the client without passing through our application. We just need to take in that token with the request and check the payload to get the authenticated user's phone number (which is then used to get their row from the db).