Firebase integration in Turnero is entirely optional. The application starts and operates normally without it — clinic staff can register and log in using the standard ASP.NET Identity cookie flow. When Firebase is configured, it adds a second authentication path: API clients can obtain a Firebase-issued JWT and call theDocumentation Index
Fetch the complete documentation index at: https://mintlify.com/pabloeferreyra/Turnero/llms.txt
Use this file to discover all available pages before exploring further.
/api/Firebase endpoints to register or sign in programmatically. The Firebase Admin SDK is also used server-side to create user records in the Firebase project and to send email verification and password-reset links.
How Firebase Initialisation Works
During startup, Turnero looks for afirebase.json service-account file at a well-known path derived from the secretsFolder key in appsettings.json:
secretsFolder value shipped in appsettings.json is aspnet-Turnero-1D8EA02B-D124-439A-B5F8-DE2044EFFABA. You can override it by setting the secretsFolder key in your environment’s appsettings.json.
Service account file locations
| Operating System | Path |
|---|---|
| Windows | %APPDATA%\Microsoft\UserSecrets\aspnet-Turnero-1D8EA02B-D124-439A-B5F8-DE2044EFFABA\firebase.json |
| Linux / macOS | ~/.microsoft/usersecrets/aspnet-Turnero-1D8EA02B-D124-439A-B5F8-DE2044EFFABA/firebase.json |
Placing the file inside the user-secrets directory keeps it out of your project tree and away from source control. Never commit a service account JSON file to a repository.
Setup Steps
Create a Firebase project
Go to console.firebase.google.com, create a new project, and enable the Authentication product with the Email/Password sign-in provider.
Generate a service account key
In the Firebase console, navigate to Project Settings → Service accounts → Generate new private key. Download the resulting JSON file.
Place the service account file
Copy the downloaded JSON file to the path shown in the table above, renaming it to
firebase.json.Set JWT authentication keys
Configure the three authentication keys so the JWT bearer middleware can validate Firebase-issued tokens:Find your Web API Key on the Firebase console under Project Settings → General.
API Endpoints
TheFirebaseController exposes two [AllowAnonymous] endpoints that are reachable even under the global AuthorizeFilter:
POST /api/Firebase/register
Registers a new user in both Firebase Authentication and ASP.NET Identity. The username determines the role automatically:Administrador → Admin, Ingreso / IngresoPruebas → Ingreso, everything else → Medico.
Request body (UserFirebaseDTO):
The
role field is part of UserFirebaseDTO but is not used by the /register endpoint. The role is assigned automatically based on the name value: "Administrador" → Admin, "Ingreso" / "IngresoPruebas" → Ingreso, any other name → Medico. You may omit role or set it to null when calling this endpoint.UserRecord object containing the new user’s UID, email, and display name.
POST /api/Firebase/login
Exchanges email and password for a Firebase ID token by calling the Firebase REST sign-in endpoint (configured viaAuthentication:TokenUri).
Request body (UserLoginRequestDTO):
AuthFirebase):
idToken value as Authorization: Bearer <idToken> on subsequent API requests to endpoints that require the JWT bearer scheme.