Flutter account security using multiple auth verification - firebase

I want to make an application that checks if the user is a real user. I want to create a double/multiple auth like some apps do.
Something like an e-commerce app: the user creates an account using login/signup with Firebase on Flutter. When the user is already signed in, how can I check/ask the user to do more verification? Something like: one user account will need phone number and email verification to be able to do something like upload a product or buy a product.
I have already made it so the user can log in using email, Google sign-in, and anonymous login.
And once again, how can I check if the user is anonymous?

You can make use of the isAnonymous property of the user to know if the user is an anonymous user or a real authenticated user.
From your question it seems you want to re-authenticate the user before buying or uploading a product. For that you can use any of the following methods.
reauthenticateWithCredential
reauthenticateWithPhoneNumber
reauthenticateWithRedirect
reauthenticateWithPopup

Related

Firebase, prevent user sign up by email password and google

I'm using Flutter and Firebase.
I allow new users to sign up using Email and Password, and also Apple and Google sign in.
Now I need to prevent the same user from creating an account with Email and Password, and a different account with Apple/Google sign in. As it is currently, they can create two accounts, and I see two different accounts in the Firebase console. Is there a way to make sure that once a user signed up with one method, he cannot sign up with another method? For example, check if that email already has a user associated with it?
Thanks

Firebase anon user to be linked to an email

Would anyone know how we could implement the following with Firebase auth. Docs/searches haven't produced a good answer yet. So the use case is as follows:
User comes to a site to buy something. We allow them to buy without any sign-up barrier and on checkout, just ask them for their email. An anonymous user is created and their purchase is sent to their email provided.
With that email, we'd like to set up a passwordless account for them so that the user can log in later just with their email and see items bought in their dashboard. For that the anon uid recorded with the purchase needs to be associated with the email.
So the question is how to get an anon account upgraded to a registered account with the email provided.
We've tried inserting a passwordless sign-in link sending at the point of the purchase, but it just created a new account with a new id, which is not what's needed. We need the uid to stay the same as the anon user's so that we can simply connect their purchases to the newly email-authenticated account. Perhaps, there is a way of associating an anon uid with an email before sending that passwordless signin link?
Hope this makes sense, but please do ask if anything is unclear.
To create a Credential object from an email link, you can use the EmailAuthProvider.credentialWithLink method. You can then use this credentials object to upgrade your anonymous account.
Also see: Deleting User account with using Passwordless Authentication?

Firebase Auth, get a User UID before the user registers

I am developing an invitation mechanism to our app. New users will be invited with their e-mail addresses or their telephone numbers. I would like to keep some records about the invited but non-registered user. So, I want to have their Firebase Auth User UID before they even signed up. Is this possible? Maybe using Firebase Admin SDK?
I don't want to use their e-mail addresses or telephone numbers to refer to them because UID feels like a better identifier. However, UID is not there before they sign up, right?
We toyed with creating a user and generating a passwordless login for them, etc. But whatever we do seems to mess with the initial sign up of users. It would be great if we could just get a UID and let the user sign up later.
You cannot create a user account, and then have the user "sign up" with the same UID. So you will have to handle your "sign up" flow a little differently.
In this demo an administrator creates a user account, and then invites the user to sign in by sending them an authentication code (jump ahead to the 3:00 minute mark in the recording). Then the user is allowed to sign in and activate their account by presenting the authentication code.
You can try to build something similar. For example you can save a flag for each new user in the database, and then clear that flag in a custom sign up action.

Firebase: Link facebook account with existing user

I have a current database with active users in Firebase that can log in with user/pwd, but now I'm implementing the Facebook login and I realised the only way to link a Facebook account with an existing user is when the user is already logged in with the user/pwd, but not before the login.
I have two buttons in my app (login with fb and with email), but if I try to log in with fb using the same email as an existing user, I receive the following error: auth/account-exists-with-different-credential, and the documentation says that in order to fix this the user needs to log in first, then link.
Do you know if there is a way to link both accounts without performing a login first, I mean, from the login view?
You need to sign in the user first before linking. This is important if you want to ensure it is the same user. Otherwise you can switch to multiple accounts per email in the Firebase console.
The way to solve this: when you get the error auth/account-exists-with-different-credential, the error will contain error.email and error.credential after you sign in with Facebook and the account already exists as a password account.
You then call firebase.auth().fetchProvidersForEmail(error.email), which resolves with the list of provider IDs for that email. In this case, it will contain ['password']. You then ask the user to provide their password. You call signInWithEmailAndPassword(error.email, password) to sign in the original user. You then call firebase.auth().currentUser.linkWithCredential(error.credential) to link the Facebook credential to the password account. Now both accounts are merged and the user can sign in with either.
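The flow described in the answer above, as an added example that is not part of the original answer or of Firebase's own code. The `auth` parameter, the `askPassword` callback and the in-memory `makeFakeAuth` stand-in are assumptions made here so the sequence runs offline; only the three SDK method names come from the answer.

```javascript
// Added example. `auth` is any object exposing the legacy web SDK methods named
// in the answer; `askPassword` is a hypothetical UI callback (an assumption).
async function linkAfterPasswordSignIn(auth, error, askPassword) {
  if (error.code !== 'auth/account-exists-with-different-credential') throw error;
  const providers = await auth.fetchProvidersForEmail(error.email);
  if (!providers.includes('password')) {
    // Existing account belongs to another provider: the user has to sign in
    // with that provider first, so nothing is linked here.
    return { linked: false, signInWith: providers };
  }
  // Prove ownership of the existing account. A wrong password rejects here,
  // so linkWithCredential below is never reached.
  const password = await askPassword(error.email);
  await auth.signInWithEmailAndPassword(error.email, password);
  await auth.currentUser.linkWithCredential(error.credential);
  return { linked: true, uid: auth.currentUser.uid };
}

// Constructed in-memory stand-in for firebase.auth(), so the flow runs offline.
function makeFakeAuth(accounts) {
  return {
    currentUser: null,
    async fetchProvidersForEmail(email) {
      return accounts[email] ? [...accounts[email].providers] : [];
    },
    async signInWithEmailAndPassword(email, password) {
      const acct = accounts[email];
      if (!acct || acct.password !== password) {
        throw Object.assign(new Error('wrong password'), { code: 'auth/wrong-password' });
      }
      this.currentUser = {
        uid: acct.uid,
        async linkWithCredential(cred) { acct.providers.push(cred.providerId); },
      };
    },
  };
}

// Constructed sample data: one password account and the Facebook collision error.
async function demo(typedPassword) {
  const accounts = { 'user@example.com': { uid: 'uid-1', password: 'pw-1', providers: ['password'] } };
  const error = { code: 'auth/account-exists-with-different-credential',
    email: 'user@example.com', credential: { providerId: 'facebook.com' } };
  const result = await linkAfterPasswordSignIn(makeFakeAuth(accounts), error, async () => typedPassword)
    .catch((e) => ({ linked: false, code: e.code }));
  return { result, providers: accounts['user@example.com'].providers };
}
demo('pw-1').then((r) => console.log(r));
```

Later releases of the web SDK replaced fetchProvidersForEmail with fetchSignInMethodsForEmail; the ordering of sign-in before link stays the same.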
I fixed it by going to the Firebase console, then heading over to the Authentication section and selecting the Settings tab. Afterwards, go to User account linking and check Create multiple accounts for each identity provider.

Lose password after sign in using Google provider

I have an Android app which uses Firebase authentication with email and password. I recently added the Google provider, so now my users can sign in with their Google account. The problem is the following:
There's an existing user example@gmail.com registered on my app. Later the user signs in with his Google account and Firebase automatically changes the provider of the account from email to Google. The problem: the user signs out, tries to log in with his email/password and gets the message
The password is invalid or the user does not have a password
I understand why this happens, but users (you know they are users) get frustrated because they can't log in with their email/password.
Is there some way to tell Firebase to keep the user's password, or to tell when a user logs in with Google and this conversion happens, in order to notify the user?
Note: My app only allows one account per email.
I found there's a method fetchProvidersForEmail. I assume I can build a flow over that method that checks which provider the user has and allows the user to choose whether to keep his old password by asking and linking the account, or just continue.
