I've got a question about how firebase email verification work.
Case:
What happened to the already signed in user (in device A)? Is firebase signed them out or just verify new email, but still signed in with the current user?
The email verification occurs out of band and would not affect any existing firebase states until it is reloaded. If a user verifies their email, you have to call firebase.auth().currentUser.reload()
to update the emailVerified
property. If you are using firebase rules with emailVerified
field, you need to force a token refresh (firebase.auth().currentUser.getToken(true)
) after verification. You can use the Firebase realtime database to set some flag on email verification and detect it in the existing session to force a user to reload. This would require you build your own custom email verification handler: https://firebase.google.com/docs/auth/custom-email-handler
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With