I am using angularFireAuth and angularFireAuth provides a logged in user variables. Let say $scope.user.id and I use this to verify if the current user logged. And also I use angularFireAuth.logout() to logout user.
Everything work fine on a single open browser tab.
But it doesn't work on multiple tabs.
Login 1 of the tab WILL NOT login the other tabs and set the logged-in variables
Logout 1 of the tab DOES NOT clear the other tabs variables and logout.
So it means
I opened 2 tabs, I call it tab A and tab B. When I logout or login in tab A.
Tab B will not do neither. In the sametime, if I submit something required authenticated in tab b (which tab A already logged out). I still able to submit. (unless I manually do refresh).
If you refresh the browser when you return to the second tab the authentication stored in local storage should update.
You can also leverage the local storage event to share events with other tabs and windows on the same domain. In the case of firebase, the user should automatically be updated within local storage, and kick off an event.
Listen for the storage change event then use firebase getAuth or the API that calls getAuth in angularFireAuth.
Could look like:
function onStorageEvent(storageEvent){
var authData = ref.getAuth();
if (authData !== null) {
// you're logged in
}
}
To be safe a messaging protocol that allows you to specify the action or event that should be handled can be implimented to use the local storage (You will recieve an event everytime storage state changes, ensure to have a message field in storage you can update and only complete actions on the other tabs based on events that update that message array, more safety should be involved here as well).
Shared storage messaging should only be required in case user was previously logged out, and it is intended that, all browser tabs open should change to logged in state when the login is completed in a different tab. Once logged in, all firebase events over websocket recieved by TabA should also be recieved by TabB, so that intertab communication would not be required.
Related
It seems like the firebase auth triggers are onCreate and onDelete. I'd like to also fire some kind of trigger on non-create login (basically periodically syncing the user's avatar and display name and such with what's in the database).
I can fake this by just doing it on the client side, which is what i'm doing right now - just updating the user record with whatever is in firebase.auth.user. Excitingly, this can't be done right after login, since if the login is also account creation, the user record tends to not exist (since it is created via a triggered cloud function), and I can't tell from auth.signInWithPopup() if the resultant signin was a creation or login event.
There is no such trigger. As you've observed, it just provides onCreate and onDelete.
Firebase Auth doesn't provide a way to sync the user's avatar with their authentication provider. It just copies the URL once at the time the account was created.
If you need to update the user's profile picture, you will have to do that yourself by calling updateProfile() on the user object and provide a URL for the picture.
I'm using both Google Sign in and Email and Password authentication in my react native application.
I set up a listener for the authstate and it all works fine, my users are authenticated, the application proceeds to the Main Screen and all.
However, when looking at the "authentication tab" on the Firebase Console, my users have both the last sign in and created at to be the same time, despite how many times users have logged in after that.
I noticed that if I log out and log back in, the "last logged in" tab, changes the value. That means that sign in with "signInAndRetrieveDataWithCredential" which gets called when my users log in, does change that value, but the auth state listener, which is then listening to the persistence of my users, doesn't update it. I think that would be very important, since the users are opening your app and "signing in", even though they don't go through a login flow.
What can I do to update the value and have an updated list of when users were created and last signed in? That seems like some important information to keep track of how your users are using your app and if they are coming back.
A listener just detects a change in state. It doesn't force a change in state. The last sign in time is the time that the user was previously fully logged out, then your app used a sign in API to sign in. It's not the last time that your listener detected a prior sign in.
When the user signs in, that sign in is effectively permanent. The sign in doesn't expire until the user explicitly signs out (when your code calls the sign out API), or the system rejects the automatic refresh of their sign in (the account is deleted or disabled).
If you want to know the last time your authentication state listener triggered, you can store that on your own, but I don't think it will necessarily give you very useful information. The best is that you will know roughly the last time they were actively using your app.
How to use firebaseui-web autoUpgradeAnonymousUsers?
Situation:
Before a user is signed-in / logged in, this page could be rendered. However, after a user is signed, I could no longer display this page using the same sample code as https://github.com/firebase/firebaseui-web.
I have set autoUpgradeAnonymousUser: true. So what are the steps to use autoUpgradeAnonymousUser. It is not available in the demo app source code.
Before rendering FirebaseUI, you could call firebase.auth().signInAnonymously() to sign in on the Auth instance. And then pass the Auth instance to firebaseUI instance. If autoUpgrade config is turned on, when user click sign-in buttons, it would trigger the account linking to link google/facebook/password account to your anonymous account. However, you need to provide the SignInFailure callback in case there is merge conflict. Here you can find more detail and code sample: https://github.com/firebase/firebaseui-web#upgrading-anonymous-users
I have a react native app that users can login or signup through it, I use firebase to log them in but I don't understand what am I supposed to do with the returned object from firebase.auth().signInWithEmailAndPassword(email, pass); and createUserWithEmailAndPassword(email, pass);.
Am I supposed to use one of the parameters it returns? how?
Is each backend call (my backend not firebase's) supposed to be with one of the strings it returns?
Also which strings should I save on local storage so the users won't have to login again? I set firebase.auth().setPersistence(firebase.auth.Auth.Persistence.LOCAL);.
Also which strings should I save on local storage so the users won't have to login again? I set firebase.auth().setPersistence(firebase.auth.Auth.Persistence.LOCAL);
This ensures that Firebase persists the authentication token in local storage. You don't need to do anything else. When the app restarts, Firebase automatically finds the token in local storage and re-authenticates the user with that information.
Most likely you will need to add a listener to onAuthStateChanged() to ensure you can update the UI of your app to this authentication state. For more on this see getting the current user in the Firebase documentation.
In the case of a SPA (Single Page application), the returned object from firebase.auth().signInWithEmailAndPassword(email, pass); should be used to set the user name, email fields and display photographs inside your protected app pages. Also, since the user is in signed in state you can display private links inside this promise. You can also update user's profile inside this promise.
In the case of a multi page application, you might check the profile verification status and then redirect to your app's home page on the basis of the same.
You are supposed to get the ID token in your backend to identify valid requests
Firebase automatically stores the current user data in local storage which persists till the user logs out or the localStorage gets corrupted(?). You can confirm this from the fact that firebase auth does not work in case of Safari private browsing mode as it doesn't support localStorage methods.
In short, nothing has to be done on your part to ensure data persists in localStorage, Firebase uses onAuthStaeChanged event listener to toggle sign in stage for a given user across all registered devices.
Is there any way to get the device token for notifications on demand with react native? It seems, from the docs, like the only time the token is exposed is on the PushNotification register event.
More generally, what's the common practice for handling device tokens?
If one user logs into my app, the app requests permissions from PushNotification, the register event is fired and I can associate that device with the logged in user. So far so good, but if that user logs out, and I break that association to stop the notifications, what do I do when another user logs in? The app already has permissions, so register won't fire again. How do I get the device token to associate it with the new user?
Or am I thinking about this the wrong way?
It seems my assumption that the register event only fires when the user grants access was the problem. The register event will fire in response to a call to requestPermissions whether or not the user was prompted. So by requesting permissions and responding to the register event when the app loads, you can always get the device id. Like so:
PushNotificationIOS.addEventListener('register', (token) => {
... store or use the token here ...
});
PushNotificationIOS.requestPermissions();