 

Firebase : Prevent same account on multiple devices

I'm working on an Angular app and I use Firebase to authenticate my users. I would like to know how I could prevent my users from giving their account to other people. Also, I would like to prevent people from using the same account to log in from different devices at the same time. I found some very good tutorials on building a presence system, but these systems don't prevent the same account from being used by many different people on several devices. I have been able to check if a user is trying to use an account that is already in use (online), but I can't manage to log out one of those users (using an already online account). I tried to call auth.signout() inside the signInwithemailAndPassword() method but it doesn't work; I don't succeed in logging out the users. Thank you for your help. What I would need is a snippet because theoretically, everything is very simple.

cedric123 asked Dec 11 '17 10:12




2 Answers

Since you didn't state what language you're using I'm just going to use Swift, but the principles behind what I laid out here are the same for any language.

Take a look at this question. It appears that Firebase does not directly support what you are looking for. You can however, do something like this:

Create a tree in your database that stores a boolean value for user signins.

SignedIn: {
    uid1: {
        "signedIn": true
    }
    uid2: {
        "signedIn": false
    }
    .....
}

I'm assuming somewhere after authentication you change the screen. You'll now want to perform an additional query before doing that. If the user is already signed in you can display an alert, otherwise you can just continue as you always did.

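import FirebaseAuth
import FirebaseDatabase

func alreadySignedIn() {
    // Nothing to check until Firebase Auth has a signed-in user.
    guard let uid = Auth.auth().currentUser?.uid else { return }
    let ref = Database.database().reference().child("SignedIn").child(uid)
    ref.observeSingleEvent(of: .value, with: { snap in
        // A missing entry (first sign-in) is treated as "not signed in",
        // so the user is not left stuck on the login screen.
        let dict = snap.value as? [String: Any]
        let signedIn = dict?["signedIn"] as? Bool ?? false
        if signedIn {
            // display an alert telling the user only one device can use
            // their account at a time
        }
        else {
            // change the screen like normal
        }
    })
}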

Of course this just prevents the account from being "shared" at the same time. You can make a stricter guideline if you only allow sign in based on a device id. For example you could get the device id and only allow sign in on that device. You'd have to allow users to update this when they get a new device, but if you really want to lock your accounts down this might be a better option.

DoesData answered Oct 19 '22 14:10


  • Actually, you can't prevent your users from sharing their account with other people.
  • But you can make sure your user can only be signed in on one device at a time.
  • Normally, you can't sign out a user who is already logged in, unless you can notify your client about the message.
  • But just as @DoesData said, you can keep sign-in status data, and when the client visits the server, it can discover that it has already been signed out, or that others have already signed in.

Bruce answered Oct 19 '22 13:10
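
A variant of the sign-in status tree from both answers, written in JavaScript because the question concerns an Angular app: each device stores its own session id instead of a boolean, so the newest sign-in wins and any older device signs itself out when it sees the change. This is an added example, not code from either answer; `FakeDb` is a constructed in-memory stand-in for the Realtime Database, and `startSingleDeviceSession` and the `activeSession/<uid>` path are hypothetical names.

```javascript
// Constructed stand-in for the Realtime Database so the example runs offline.
// In a real app the equivalents are firebase.database().ref(path).set(value)
// and firebase.database().ref(path).on('value', callback).
class FakeDb {
  constructor() { this.data = new Map(); this.listeners = new Map(); }
  set(path, value) {
    this.data.set(path, value);
    // Notify a copy of the listener set, since callbacks may unsubscribe.
    for (const cb of [...(this.listeners.get(path) || [])]) cb(value);
  }
  onValue(path, cb) {
    if (!this.listeners.has(path)) this.listeners.set(path, new Set());
    this.listeners.get(path).add(cb);
    cb(this.data.has(path) ? this.data.get(path) : null); // fires once with current value
    return () => this.listeners.get(path).delete(cb);
  }
}

// Hypothetical helper: call right after a successful sign-in.
// sessionId is a fresh random value per device (e.g. crypto.randomUUID() in the browser);
// signOut is the callback that ends the local session (e.g. firebase.auth().signOut()).
function startSingleDeviceSession(db, uid, sessionId, signOut) {
  const path = `activeSession/${uid}`;
  db.set(path, sessionId);                 // claim the account: last sign-in wins
  let stop = () => {};
  stop = db.onValue(path, (current) => {
    if (current !== sessionId) {           // another device has claimed the account
      stop();                              // stop listening before signing out
      signOut();
    }
  });
  return stop;
}

// Constructed scenario: the same uid signs in on a phone, then on a laptop.
function demo() {
  const db = new FakeDb();
  const log = [];
  startSingleDeviceSession(db, 'uid1', 'session-phone', () => log.push('phone signed out'));
  startSingleDeviceSession(db, 'uid1', 'session-laptop', () => log.push('laptop signed out'));
  return { log, active: db.data.get('activeSession/uid1') };
}
```

Unlike a `signedIn: true` flag, a session id cannot leave the user locked out after a crash, because the next sign-in simply overwrites it. The check runs in the client, so it only binds clients that run this code.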