Replies: 3 comments 4 replies
-
I wish I knew so I could help, but must admit I don't. However this is a more general firebase question, I think you might get more attention (ideally from the firebase folks themselves) on stackoverflow if you post it there and tag it appropriately. I know they use that as a semi-official support channel for questions similar to this, so it might be the best way to get an authoritative answer. Alternatively, the firebase-ios-sdk has the auth module open sourced (android does not!) so you might be able to see via direct code inspection |
Beta Was this translation helpful? Give feedback.
-
I did not find a way to simulate that event. I gave up on it.
…On Tue, Dec 28, 2021, 3:44 PM Pierre ***@***.***> wrote:
Hi @bradstiff <https://github.com/bradstiff> did you manage to find a
solution to this issue?
I also realized on my end I cannot rely on the "onIdTokenChanged" event,
which seems to stop working silently after a while when the app is in
background; and I didn't want to rely on using getIdToken() for every
single remote calls...
—
Reply to this email directly, view it on GitHub
<#4989 (reply in thread)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/AEDU6IKZ2E4FB4FTTC6VBELUTI4WBANCNFSM4YT4LIXQ>
.
Triage notifications on the go with GitHub Mobile for iOS
<https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675>
or Android
<https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub>.
You are receiving this because you were mentioned.Message ID:
<invertase/react-native-firebase/repo-discussions/4989/comments/1881107@
github.com>
|
Beta Was this translation helpful? Give feedback.
-
@bradstiff could you give more context for the solution you made? I notice this as well where if say a user is deleted from the backend and their token expires, the app never signs them out. I'm not sure where this is meant to be detected as I expected the onAuthStateChanged function to capture this. But maybe I just don't have it setup right. @mikehardy is there any docs on how to handle the case when the token expires? |
Beta Was this translation helpful? Give feedback.
-
I'm using Firebase auth with Google Sign In and Facebook Auth. I'm signing in with the 3rd party provider, and then taking that credential and signing into Firebase. I add the Firebase user's idToken (via getIdToken, called every time) to every API request and then validate the token on the server.
Everything works perfectly.
But I have seen three cases where auth().currentUser.getIdToken throws an 'auth/user-token-expired' error. The error continues (ungracefully) until the user manually signs out and signs in again. In speaking with one of the users, he informed me he had changed his Google password previously.
So I have added code to catch this case and inform the user they need to sign in again. I am trying to verify my solution works as expected, but I cannot cause the error to happen.
I signed in with Google and subsequently changed the Google account's password. After an hour or so, I checked the app (where I was still signed in) hoping the error would occur when the app requested an idToken. But it doesn't occur.
How long does it take after changing your Google password for Firebase to no longer be able to generate idTokens?
Or am I missing something?
Beta Was this translation helpful? Give feedback.
All reactions