Search code examples
reactjsfirebasegoogle-cloud-firestorenext.jsnext-auth

does NextAuth affect firebase billing?

I'm using NextAuth for authentication and connected it to firebase Auth as an adapter. I used this to authenticate my admin so it only triggers on certain pages. and as i understand it, nextAuth listens to a session and give the user permission to access the page. but i have some questions regarding this.

does nextAuth triggers on other pages that doesn't need authentication? and does NextAuth rechecks session and listens to firebase firestore multiple times or it only listens once?

import NextAuth from "next-auth";
import GoogleProvider from "next-auth/providers/google";
import { FirestoreAdapter } from "@next-auth/firebase-adapter";
import { db } from "../../../firebase";

export default NextAuth({
  providers: [
    GoogleProvider({
      clientId: process.env.GOOGLE_ID,
      clientSecret: process.env.GOOGLE_SECRET,
    }),
  ],
  secret: process.env.NEXTAUTH_SECRET,
  adapter: FirestoreAdapter({
    apiKey: process.env.FIREBASE_API_KEY,
    authDomain: process.env.FIREBASE_AUTH_DOMAIN,
    projectId: process.env.FIREBASE_PROJECT_ID,
    storageBucket: process.env.FIREBASE_STORAGE_BUCKET,
    messagingSenderId: process.env.FIREBASE_MESSAGING_SENDER_ID,
    appId: process.env.FIREBASE_APP_ID,
  }),
  // ...
});
Solution

  • Think of NextAuth as a layer that just sits there waiting for authentication-related requests. Without interaction it's not going to do anything by itself to drive up your billing costs.

    It only does something behind-the-scenes when one of your session-subscribed components performs a request. It then simply uses the refreshToken to get a new accessToken and expiration time to keep your session alive and to repeat that process until user sign-out.

    When you follow the Getting Started tutorial, it has you define the dynamic provider route handler:

    pages/api/auth/[...nextauth].js

    This dynamic end point contains a series of Callbacks which allows you to handle the flow of tokens. You also can dictate which components subscribe to the NextAuth session by which components use the useSession hook:

    import { useSession, signIn, signOut } from "next-auth/react"

export default function Component() {
  const { data } = useSession()
  const { accessToken } = data

  return <div>Access Token: {accessToken}</div>
}

    To answer your question directly, there are no billing-related concerns when it comes to using NextAuth library unless you implemented it in some improper fashion. This export default NextAuth({ module just implements once.