I am working on android application that uses multiple authentication with the help of firebase like Facebook, Google and Email/Password. Each authentication works well in separate ways.
But, When I am login with google and then signed out and later when i am using facebook to do login by using same Email Id..
It says.
com.google.firebase.auth.FirebaseAuthUserCollisionException: An
account already exists with the same email address but different
sign-in credentials. Sign in using a provider associated with this
email address.
All i want to do is, Merge the account when user try to login with different authentication provider by using same email id.
Is, there any way to handle this by using firebase.
Please Help.
just change it here.. thats all.. you are welcome
Related
Does firebase auth help tackle same email id account issue?
For ex. say I am using firebase auth in my flutter app. I have Facebook and Gmail of same email. 1st I create account with Gmail, logout and then 2nd time I try to create account with facebook which has same email ID. Then is firebase designed to give me some type of error message saying "user with this email has already logged in with gmail" and vice-versa ?
Thanks in advance
You can configure whether users can create multiple accounts that use the same email address, but are linked to different sign-in methods. For example, if you don't allow multiple accounts with the same email address, a user cannot create a new account that signs in using a Google Account with the email address ex#gmail.com if there already is an account that signs in using the email address ex#gmail.com and a password.
Please find the details here.
No, Firebase won't throw any error, instead it will create a new account for the second sign-in provider. As Both Sign-In providers are different i.e one is facebook and other is google in your example.
If you really want to create a single account for multiple providers.Then you will need to link multiple providers to an single account.
Checkout Firebase official documentation for the instructions to achieve this on android:-
Firebase Docs
I'm implementing facebook login with firebase for my application. The objective is to develop a logic that the user can login with email/password provider or facebook provider. As i started developing, i found two ways to do what i want:
1 - Link facebook to email/password provider:
User has to be logged in with email/password to make this happen. Which means, if the user is not logged in, i don't have a reference (current user) to link the facebook provider. User cannot sign up with facebook provider because the email is already being used by another provider (email/password).
2 - Enable multiple accounts with the same email on firebase:
User can sign up with facebook and email/password. But firebase won't register the facebook data for the email/password provider. Which means, when i try to get the email from the current user, i have to specify the provider that have the email attribute (facebook provider). Email/password provider returns an empty email
final String email = firebaseUser.getProviderData().get(1).getEmail();
Conclusion
The first way won't work for me. User may not be logged in all the time. He may want to login in different ways. I don't want the user to insert his password for email/password provider just to link to his facebook provider.
If i choose the second way, i can't find a way to update the email attribute for email/password provider. And it wouldn't be a good practice to always check what providers the user have, just to specify which provider to get the email from.
Is there something i'm missing? I tried using updateEmail() when user signs up with facebook but it just updates the email attribute for facebook provider. Do i really have to make the user insert his password to create a link between the two providers?
To have the convenience of user profile information being provided by methods such as firebase.auth().signInWithRedirect() and firebase.auth().linkWithRedirect(), then the Firebase project needs to be configured with One account per email address (Firebase Console > Authentication > Sign-in method). This is the simplest (and default) configuration.
The original question stated:
I don't want the user to insert his password for email/password provider just to link to his facebook provider.
If a user consistently signs in using the same provider method (e.g. Facebook, password, email link, Google Sign-in) then he/she will never need to link accounts.
For users that want to sign-in using multiple providers, account linking is a straightforward user experience and only happens one time when first linking providers.
Linking Accounts
When the Firebase project is configured with One account per email address, then the first time a user attempts to sign-in with a different provider, you will receive the Firebase error auth/account-exists-with-different-credential.
Resolve this by calling firebase.auth.Auth.fetchSignInMethodsForEmail and then asking the user to sign in using one of the returned providers.
Once the user is signed in, the original credential can be linked to the user with firebase.User.linkWithCredential
Note that account linking works for any combination of providers. Hence, it doesn't matter if a user first signs-up using email/password and then later decides to sign-in with Facebook or vice versa.
I'm trying to use the linkWithCredential function from Firebase Auth, but I'm not sure whether I'm using it and understand it correctly.
We have a login page with 3 buttons in our app (Login with Email, Login with Facebook and Login with Google). When user login with any one of the providers everything works great (With every provider with its sign-in method).
But when user wants to login again in our app with a different provider we use the Firebase.auth.logout function and properly logging him out from Firebase.
It appears that we must need that the user will still be logged-in in order to link his account with a different provider.
Since user is not logged-in anymore I cannot use the Firebase.currentUser since it is null.
Do I need to get the current user provider by email, sign-in silently and then with that credential link it to the new provider? Also, it isn't clear whether we need to allow multiple account with the same email address enabled on Firebase console.
Is it possible to do that (linkWithCredential) without that option enabled?
Any help with examples on Android or iOS will be really helpful.
In my drive app registration activity when user put his/her email-id and hit register i want to login to my google drive account i will give email id,password login and share some files with user's given email-id and logout . And then start home activity.
I know about drive account picker but not getting how to login and logout with hardcode. and also to login how to give my password because user will be unaware of all these things i cannot use account picker. After logging out my account details should not be there in user's mobile account manager, gmail or anywhere else. Any one suggest how can i achive this or any alternative way to do it.
In simple words
How to login to drive account using my given email and password with Hard code.
After sharing files logout from my account with hard code.
I doubt this can all be done on Android. You will need to create a web app to do the sharing.
So ..
your Android app will call a REST API on your web app, passing the email address
your web app will retrieve a stored refresh token for your account
it will use the refresh token to request an access token
it will use the access token to share the files with the email address
I'm trying to integrate an existing login system for a mobile application with some social media sign-in solutions. I successfully managed to integrate both facebook and google+ sign in with my app and I get to the point where the users are signed in and I can get their social information.
But now I was left wondering which would be the best approach in order to integrate users that decided to use a social media account with my native login system. Should I use their email accounts as login and maybe generate a password on the server side? Or maybe use an oauth token instead of a password?
I need to keep track of my users, even the ones that did not formally filled a registration form. So what should I place instead of email + password?
This can be tricky - the majority case is easy, but you need to think about the edges. I find it easer to consider email/password as just another authentication mechanism. You want
A user record with the core data about that user (perhaps name, email address, app specific profile data etc.)
A series of records for their connected auth methods, e.g. Google+, Facebook, user/pass.
The connected auth methods can store the relevant information for those methods - e.g. for Google it would likely be Google user Id and perhaps refresh token if using offline access. This makes it easy for you to offer connecting multiple social accounts.
Password may be a special case that you want to store against the original user record. In that case, if someone signs-up using a social login, then you can either generate a random password, or leave it null. Either way, as long as you request the email address for the user, you can always let them go through a Forgot Password flow (where you generate and email them a password) if they want to access their account but no longer have their 3p login.
What you don't want to do if avoidable is to force the users to give you a new password just after they sign in. However, it you are allowing multiple login methods to be associated with one account, you might want to allow associating them. So, your flow might be:
User signs in (with 3p or email/pass)
If you have a record for that login method (e.g. matching Google or Facebook user id, matching email/pass combination), sign the user in, and you are done.
If you have no matching record for that sign in method:
See if you have a matching email address with an existing user account. If you do, some sites automatically merge the new login method to this account. If privacy/security is more of a concern you might want to confirm the user wants to login to that account, or make them go through a 1-time validation (e.g. "it looks like you've signed in with a password before, please enter your password now to link your account and your Google account" etc.). Then link the accounts and continue as if signed in.
See if you have an account which may be that person. E.g, perhaps you have an account with a matching name. In that case, you might want to hint the user to connect their accounts (e.g. a prompt somewhere that says "have you connected before with Facebook? Click here to link these accounts" which then takes the user through a sign in process for the login method you suspect they might have).
If they look totally new, create a new user record, and treat them as newly signed up.
Its significantly easier if you can treat email address as a unique field. That means if someone signs in with a 3p account associated with an email address you already have a user for you might have to force them to link their account before continuing. If they didn't want to and you required an email address, you could prompt them to enter one manually and then validate it as normal by sending them an email and having them confirm it.
ChrLipp's links are good, also take a look at the guide for using FB and G+ together on the Google Developers site: https://developers.google.com/+/best-practices/facebook
How did you implement the social media sign-in's? For example Facebook: did you use Login for Android? In this case the docs say under Checking login status:
Apps using our SDKs can check whether someone has already logged in using built-in functions. All other apps must create their own way of storing when a person has logged in, and when that indicator is not there, proceed on the assumption that they are logged out.
And if you follow the link to Storing access tokens and login status you can read:
The token should be stored so it's available to all parts of the app when it makes API calls. ... If you're building a ... mobile app, then you should use the datastore available to your app. Also, the app should store the token in a database along with the user_id to identify it.
Have an enumeration (NativeLogin, Facebook, GooglePlus) and depending on this enumeration the following information:
NativeLogin
UserName, Password
Facebook and GooglePlus
Facebook or GooglePlus ID and their User Access Token
In all cases you should store the email adress you get in an additional field.