@Eli_Nathan another random strapi user here so take this with a grain of salt, but I was able to use @sjones6 response here to point me in the right direction and I was able to succesfully register and call a custom authStrategy with it.
The missing element is that you need to put this register code bit in the index.js file in the root of the src directory strapi generates (I imagine there is a better place for it, but whatever, this works). We are using the users-permissions plugin so what happens is they plugin runs first to check for the normal JWT strapi issues and if (and only if) it fails, then the custom strategy gets called. so you would just need to implement the verify and authenticate functions for your set up (we are using firebase auth) and use the users-permissions strategy source code as a rough template to follow for ‘things your custom function should mirror’. → link
Hope it helps. If I get a full working version with firebase auth I will share some better code. until then, here is a snippet of a slightly refactored (and radically simplified) set that at least runs. (index.js file)
"use strict";
const { getService } = require("@strapi/plugin-users-permissions/server/utils");
module.exports = {
/**
* An asynchronous register function that runs before
* your application is initialized.
*
* This gives you an opportunity to extend code.
*/
register({ strapi }) {
strapi.container.get("auth").register("content-api", {
name: "your-custom-jwt-verifier",
authenticate: async function (ctx) {
// Get JWT from context and validate.
const { authorization } = ctx.request.header;
if (!authorization) {
return { authenticated: false };
}
//This is a hardcoded user id for now, would change this to fetch based off email from the firebase id token validation phase
const user = await getService("user").fetchAuthenticatedUser(1);
if (!user) {
return { error: "Invalid credentials" };
}
ctx.state.user = user;
return {
authenticated: true,
credentials: user,
};
},
verify: async function (ctx) {
console.log("arrived to do things --> need to check permissions access here");
// const { credentials } = ctx.state.auth;
// just always pass for testing purposes now
return;
},
});
},
/**
* An asynchronous bootstrap function that runs before
* your application gets started.
*
* This gives you an opportunity to set up your data model,
* run jobs, or perform some special logic.
*/
bootstrap({ strapi }) {
const admin = require("firebase-admin");
const serviceAccount = require("../keys/specialKey.json");
admin.initializeApp({
credential: admin.credential.cert(serviceAccount),
});
strapi.firebase = admin;
},
};