Do you need social logins? If not (and you just want email/password login) then implement it yourself. Auth isn't hard, and Firebase Auth doesn't provide you much in terms of managing roles/permissions or anything like that.
Authentication/Authorisation (AuthZ) is hard, brother. Implementing what you think looks like AuthZ is easy, but making sure you've got all possible avenues covered is hard.
Getting AuthZ correct and having everything covered is hard.
Security is hard.
Source: see the entire field of security and all the companies, products and services that have been invented to try and solve this problem.
