So I want to create a protected route for my app and I read this post Protected Route With Firebase. Some how I didn’t see any usage of local storage or cookies. I have created protected route with my custom jwt+Spring before and I checked the token (if it exists on the local storage). I wonder if firebase library automatically set the local storage for me so I don’t have to worry about it otherwise the credentials will be reset after user reload/refresh the page.
>Solution :
Firebase auth persists the authentication in local storage by default, and it will automatically re-authenticate if possible when the user returns to the page. The re-authentication is asynchronous, so you may need to set up your routing logic so it waits until you get your first callback from onAuthStateChange before deciding whether to allow the user into the route, or do something else. (EDIT: I checked out the post you linked and it does wait, like my suggestion 👍)
For more information on persisting auth state, see this page: https://firebase.google.com/docs/auth/web/auth-state-persistence