Clever Geek Handbook

Need advice on adding an Auth provider in a production app - Firebase

I launched the application a week ago, which now has a couple hundred users. The only authentication provider I used was gmail and my database structure looked like this:

- AllUsersInfo:
   - $userEmail                     // example: "blah@gmail.com"
       - "uid": $userUID            // example: "1234567890"
       - "name": $userDisplayName   // example: "John Doe"

- AllUsersData
   - $userUID                       // example: "1234567890"
       - "userData": { ... }

Basically, I did one node ( AllUsersInfo

) to just keep users' emails as the key and the username and username as the value. The other node ( AllUsersData

) actually contains all the user data they generate in the application as a value, with the key being their uid. I split these two nodes because the top is easy and good to find, and the bottom is extra secure and has more data.

Problem:

I am now adding Facebook authentication and am struggling to figure out how I can maintain the integrity of my database structure. The problem is that if someone previously logged in with gmail and now subscribes with facebook, their facebook account email might be the same as the gmail they previously signed up with. This will cause an overlap in the AllUsersInfo

node, as the keys must be unique in Firebase.

I am struggling to figure out how I can handle these overlapping cases. If I overwrote the previous email data in AllUsersInfo

node with a new name and uid, it would make the old user authentication unrecognizable. If I change the structure AllUsersInfo

to allow multiple uids and names, it causes some backward compatibility issues.

Can anyone help me find a good refactoring solution for this potential database?

+3


source to share


2 answers


My suggested solution to this problem, and also another problem that Facebook users may not even have email (they made their account using a phone number):

After authenticating the user via facebook (or gmail), check if their email is in the database or not email (phone number situation), in which case show them a screen asking them to enter an email to use with this new account.



Not the best solution, but it fixes both problems.

0


source


Your application currently only has hundreds of users. I advise you to use the Firebase UI library that handles all these issues and all you need to do is write 3-5 lines of code.

There is a link to the Android Firebase Library for Android here. Add it to your project and connect your app to Firebase by following these steps.

After that enable Google and Facebook Login from Firebase Console, follow the instructions and add these lines to your app.



startActivityForResult(
AuthUI.getInstance()
    .createSignInIntentBuilder()
    .setProviders(Arrays.asList(
                                new AuthUI.IdpConfig.Builder(AuthUI.GOOGLE_PROVIDER).build(),
                                new AuthUI.IdpConfig.Builder(AuthUI.FACEBOOK_PROVIDER).build()
                                ))
    .build(),
RC_SIGN_IN);

All test cases are now handled by Firebase and you can sit back and relax.

-1


source






More articles:


All Articles