I want to set multiple authentication services. As if user either sign in with email and password or phone number, but I want user to signUp with both email and password and phone number.
In Firebase Authentication terms this means that you want the user to sign up with multiple authentication provider. This is possible, although you'll have to implement the flow for it in your own application code. You then can link the providers together through the Firebase Authentication API, so that the user ends up with a single ID.
Related
Is it possible to send an SMS containing a one-time-token to a specific phone number through Firebase Authentication?
Conditions:
My App is a multi-user web app.
There are 2 user roles in My App: Admin, and Member.
I want to:
Member user clicks a button.
Send an SMS containing a one-time token to the admin phone number.
Admin user tell a one-time-token member user.
Member user fills out a form and presses submit.
Token is sent back to the Firebase and verified.
What you're describing is not a built-in flow for Firebase Authentication. The closest equivalent is Firebase's phone number authentication, but in that scenario the one-time password (OTP) is sent to the user who signs in to the app.
So you can either modify your flow to use another step for involving the admin user, or you can build your own provider for Firebase Authentication. In the latter case, you won't be able to use Firebase to send the SMS messages though, but will have to use another provider for that.
I am having a challenge with flutter firebase I want to make login signup using phone number and password. I will take phone number and password at the time of signing up and same for login the otp will after successfully matched password but I am struggling to create it. I have done simple login signup using phone number but with password its not happening any lead on how I can do it in flutter
You can allow your users to sign into your application using multiple providers by linking authentication credentials to existing user accounts. Users can then be identified using their Firebase UID, regardless of the provider they used to sign in
how to add/change a users phone number for enabling phone authentication on firebase Auth?
All of the documentation seems to refer to creating a new userid for phone auth but then I would end up with 2 userids for the same user
If you want to allow the user to sign in with two identity providers, you first create an account with one provider, then create an account with the other provider (e.g. phone auth) and get the credentials from that, and finally link the two accounts together into a single account.
I've created an account in Firebase using phone authentication. However, from the documentation, it mention that:
If you use phone number based sign-in in your app, you should offer it
alongside more secure sign-in methods, and inform users of the
security tradeoffs of using phone number sign-in
I couldn't find a field to inject the password into the users database.
Should I enable the password/email sign in method? Is there any documentation to refer to?
I added email and password using:
createUserWithEmail:email:password:completion:
2 accounts are created:
I should rephrase my question to:
If the user logout, when they sign in again should they use the phone number, or email and password?
This is what it says in the documentation:
Authentication using only a phone number, while convenient, is less secure than the other available methods, because possession of a phone number can be easily transferred between users. Also, on devices with multiple user profiles, any user that can receive SMS messages can sign in to an account using the device's phone number.
If you use phone number based sign-in in your app, you should offer it alongside more secure sign-in methods, and inform users of the security tradeoffs of using phone number sign-in.
So all it means is that it is better to use another method with it, like email/password method.
When you enable that, then the user can create an account using his email, and you do not need the password, only the user id after he creates an account.
more info here:
https://firebase.google.com/docs/auth/ios/password-auth
Base on #Peter Haddad answer:
Updated the code to link the phone authenticated user and email/password authentication method.
FIRAuthCredential *credential =
[FIREmailAuthProvider credentialWithEmail:userEmail
password:userPassword];
[[FIRAuth auth]
.currentUser linkWithCredential:credential
completion:^(FIRUser *_Nullable user, NSError *_Nullable error) {
// ...
FIRUser *tmpUser = user;
}];
You should see these in the console (with only one row with 2 authentication type instead of 2 rows) :
I have an Android app with use Firebase authentication using email and password. Recently added Google provider now my users can sign in wih his Google account, the problem is the following
There's an existing user example#gmail.com registered on my app, later the user sign in with his Google account Firebase automatically change the provider of the account from email to Google, the problem the user sign out and try to login with his email/password and got a message
The password is invalid or the user does not have a password
I understand why happens, but users (you know they are users) get frustrated because can't login with his email/password
There's some way to tell Firebase to keep the user password or when a user login with Google and this convertion happens in order to notify to user
Note My app only allow one account per email
I found there's a method fetchProvidersForEmail I asume I can build a flow over that method that check which provider have the user and allow the user chose if want to keep if old password by asking and linking account or just continue