How to automatically delete Firebase inactive users from database and authentication? - ios

Even if the users are not anonymous, I would like to automatically delete the user authentication and user info in the database if they have not logged in for say, a year. This is to prevent old or spam accounts from taking up space in Firebase.
Is this possible without manually checking and deleting on the Firebase console?

You can use the Firebase Cloud Functions.
This sample do exactly what you need.
Here more samples for Firebase Cloud Functions.

Related

Can a device be blocked from accessing an application based on its FirebaseAuthentication ID?

If I notice fraudulent activity on my application by an authenticated user (by Firebase Authentication), can I block the device associated with this user so that he can no longer access my application? And if so, how do I do it?
Thanks for your attention !
A Firebase Authentication user has a UID, that you can use to allow them to access certain resources. To block a specific user from Firebase Authentication itself, you can disable their account. So don't delete it (as they can just recreate it in that case), but disable it. After doing that, they won't be able to sign in, and will be unable to refresh their ID token (which happens hourly).
If you use one of the Firebase databases (Cloud Firestore, or Realtime Database), you can also implement a list of banned UIDs in there, and then check against that in your security rules.

Is there a way to default disable users in a firebase authencation on signup?

I am currently developing an iOS appplication using xcode and Swift. My application works well with firebase including the function of email verification. Due to the nature of my application, I want users to be able to sign up, verify their email and then await further verification on the side of my client using firebase.
In an ideal world, firebase would have a setting that supports user being automatically disabled on signup, and you would just tick a box and the user would be enabled in the authencation page of the console.
Seeming as I am looking for my client to be able to do this, I need a way that is simple to them, so they can enable and disable accounts. There is a property in the firebase authencation page but no way to default it.
So.. My idea was to create a cloud function in firebase that automatically disables users on signup, and once my client has verified who they are they will enable them. Any ideas on what this function would look like? Disabled is a nice and easy boolean value so.
I am new to firebase, so wondering if anyone had came across this kind of issue? The link below shows the function on user creation.
https://firebase.google.com/docs/functions/auth-events#trigger_a_function_on_user_creation
You can add an Admin SDK function in the user creation event you have. See this for an example: https://firebase.google.com/docs/auth/admin/manage-users#update_a_user
The easiest way to automatically disable new user accounts is through Cloud Functions. See for an example the answer to this question about How to prevent new user registration on Firebase?.
But note that the user will already be signed in by the time the Cloud Function runs, so they'll have access until their current/initial ID token expired (up to an hour).
The proper solution is to check whether the user is verified before enabling any backend functionality. For Cloud Firestore, Cloud Storage, and Firebase Realtime Database, you can do this in their server-side security rules. See for some examples of this:
(Firebase) Firestore security rules - allow if email verified without custom tokens?
Security rule to only allow write for users with verified emails
How do I lock down Firebase Database to any user from a specific (email) domain?

How can I maintain several Google Sign-In sessions alive to allow users to switch accounts without logging out?

I'm currently trying to build an 'account switching' feature for my iOS App that uses Google Sign-In (with YouTube scopes to get YouTube channel data) & Firebase Authentication.
At the moment, if users want to switch accounts, they have to log out and log back in with another Google account, which is not great from a UX perspective.
My end goal is to allow users to log in with several channels and then choose the YouTube channel they want to see data for, from inside the app, without logging out and back in.
Is there a way to maintain several OAuth sessions alive to let user easily switch between accounts?
I have thought of storing the user's access token locally in a dictionary that would map channel ids with the relevant token but I'm not sure if that will be enough to maintain the state properly or if it will lead to a bunch of bugs.
Any ideas or suggestions are more than welcome.
Thanks.
With Firebase Authentication, there can only be one signed in user at a time. The SDK can't manage multiple signins at once. The prior user needs to be signed out at the time a new signin is processed.

iOS Firebase Swift: A way To Get All Users Using Auth

Is there a way to get all signed up users using FirebaseAuth. I know I can create users node and save users when they sign up, but I'm looking for a way to get users using something like Auth.getAllUsers since all I'm looking for is uid and displayName. I'm using swift, so admin sdk seems not supporting it.
There is no client-side API to get a list of all users, which is why many developers write details about the users into a database (such as the Firebase Realtime Database, or Cloud Firestore).
There is a server-side Admin SDK that allows listing all users. See https://firebase.google.com/docs/auth/admin/manage-users#list_all_users
You can create a cloud function that returns the results of the Admin SDK list all users function. Make sure that you remove any private data fields from the reply, though. The hashed password, salt, and providers are included in the data.

Firebase authentication with Parse user

I'm building an iOS (Swift) app that needs realtime chat as part of the functionality. While Parse works well for push, data storage, etc..., it doesn't support realtime. I would like to use Firebase for the realtime support, but need help authenticating to Firebase using a Parse user. I really don't know where to start with this. Any help would be greatly appreciated.
The question is pretty vague so a definitive answer is not possible: here's a thought.
Firebase and Parse are two different companies and therefore require separate authentications.
If your users have a username/password type authentication in Parse, you could use the same data in Firebase and authenticate through code. i.e. User creates a new account in Parse, and an account is created in Firebase via code. When the user authenticates to Parse, it also authenticates to Firebase via code.
There are a LOT of design elements to consider in going this route: how do you create a firebase user (in code) without your app authenticating itself as a 'super' user? Hard code credentials? That may be a security issue.
Are you going to keep two sets of user data? One in Parse and one in Firebase? What if a user needs to reset their password or account. As you can see, it can get out of control rather quickly.
You may want to consider sticking with one platform to simplify the entire process. By the sound of at least one of the requirements, Firebase can do much of what Parse can do but also give the real-time updates you need.

Resources