Does Firebase Work With Lucia?
Firebase and Lucia can work together, but you're duplicating authentication logic since Firebase already handles auth—Lucia is best used as a lightweight alternative to Firebase Auth.
Quick Facts
How Firebase Works With Lucia
Firebase and Lucia serve overlapping purposes in the authentication layer, which makes using them together somewhat redundant. Firebase Auth handles user registration, login, password resets, and OAuth providers out of the box. Lucia is a session-based auth library designed to be lightweight and database-agnostic, typically paired with your own user management. If you're already committed to Firebase, you're better off using Firebase Auth directly rather than layering Lucia on top. However, if you want Lucia's session management with Firebase Realtime Database or Firestore as your user store, you can integrate them: use Lucia for session handling and token management while using Firebase as your database backend. This works well for developers who prefer Lucia's minimalist approach and want Firebase's infrastructure without using Firebase Auth. The main friction point is managing two authentication systems—you'll need to ensure Firebase tokens align with Lucia sessions, adding middleware complexity. This pattern works best in edge-runtime or serverless environments where Lucia's lightweight nature shines.
Best Use Cases
Lucia Sessions with Firestore Backend
npm install lucia firebase @lucia-auth/adapter-firebase-adminimport { Lucia } from 'lucia';
import { FirestoreAdapter } from '@lucia-auth/adapter-firebase-admin';
import { initializeApp, cert } from 'firebase-admin/app';
import { getFirestore } from 'firebase-admin/firestore';
const app = initializeApp({
credential: cert(serviceAccount)
});
const db = getFirestore(app);
const adapter = new FirestoreAdapter(db);
export const lucia = new Lucia(adapter, {
sessionCookie: {
attributes: {
secure: process.env.NODE_ENV === 'production',
httpOnly: true,
sameSite: 'lax'
}
}
});
// Create session after validating user credentials
const session = await lucia.createSession(userId, {});
const sessionCookie = lucia.createSessionCookie(session.id);
response.headers.set('Set-Cookie', sessionCookie.serialize());Known Issues & Gotchas
Firebase Auth and Lucia both manage user sessions/tokens, creating confusion about which system owns the session state
Fix: Choose one authentication system. Use Lucia for sessions + Firestore for users, or use Firebase Auth exclusively. Don't use both for the same user.
Firebase Admin SDK and Lucia have different session validation approaches, making it hard to verify users consistently across your app
Fix: Implement a single validation layer that checks Lucia sessions and syncs user data from Firestore, avoiding Firebase Auth token validation
Firebase's client SDK auto-initializes and manages authentication state globally, conflicting with Lucia's explicit session handling
Fix: Disable Firebase Auth in your Firebase config and only import Firestore/Realtime Database modules
Alternatives
- •Firebase Auth + Firestore (native Firebase solution, fuller integration)
- •Clerk + Firestore (managed auth with flexible database backends)
- •Supabase + PostgreSQL (open-source Firebase alternative with built-in auth)
Resources
Related Compatibility Guides
Explore more compatibility guides