Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Firebase still retrieving authData after deletion

After I manually deleted the account connected to the uid that my iphone simulator is on (from firebase dashboard), when I run the code below it's somehow still authenticating and retrieving a uid. How is this possible?

let ref = Firebase(url: "https://moviebuffapp.firebaseio.com/")

override func viewDidLoad() {
    super.viewDidLoad()

    if ref.authData != nil {

        let uid = ref.authData.uid
        print(uid)
like image 928
FortuneFaded Avatar asked Mar 12 '16 16:03

FortuneFaded


1 Answers

Deleting an account does not automatically expire the current session(s) for that account. Their current sessions will remain valid until they expire. You can set the session expiration interval in your Firebase Dashboard.

If you want to force the user to be logged out, call ref.unauth().

But in general you'll likely want to build authorization rules to prevent such users with valid tokens from deleted accounts to make changes to the data.

If you keep the user profiles in your database, you can check whether that record still exists in your security rules: root.child('users').child(auth.uid).exists().

Also see:

  • Firebase authentication not revoked when user deleted?
  • Deletion of User in firebase does not trigger onAuth method
like image 154
Frank van Puffelen Avatar answered Nov 16 '22 03:11

Frank van Puffelen