Home > Back-end >  How to distinguish email-authenticated account or not on FirebaseAuthnication
How to distinguish email-authenticated account or not on FirebaseAuthnication

Time:10-10

I'm using Firebase and I'm very new about this. I'm using Authentication function in Firebase and coding about error handling. And I guess there are two patterns about email-already-in-use like:

  1. Email was registered and email Authentication completed as well, and users gonna send same email address and firebase announces the error above.
  2. Email was registered but Authentication was not completed yet, and users gonna send same email address and firebase announces the error above.

I want distinguish these status but FirebaseAuthException always throw email-already-in-use in common, how can I handle this ?

CodePudding user response:

Your comments under your question:

I'm using the method below 1. auth.createUserWithEmailAndPassword() // user email & pass registered in Firebase 2. user.sendEmailVerification()// Firebase sends email to users to identify 3.User open the email and finally entire authentication process completed

In this context email Authentication completed means #3 above, not only registered in Firebase but also user opened a email from Firebase and the account became effective status.

From your comments it is not 100% clear what you mean by "the account became effective status".

When you call the createUserWithEmailAndPassword() method from the front-end, upon success, the user is created in the Firebase Authentication service (i.e. is signed-up) and is automatically signed-in.

The fact that the user's email is verified (with user.sendEmailVerification()) or not will not impact the behaviour of the createUserWithEmailAndPassword() if you try to create a user with an email that is already existing in the Firebase Authentication service. In other words, whether the email is verified or not, the createUserWithEmailAndPassword() method will prevent you creating another user with the same email and will return an email-already-in-use error.


If you want, for a given email, to be able to create a new user with the same email if the user previously created with this email hasn't verified his/her email, you'll have to build your own verification system and create the Firebase Authentication user (i.e. account) yourself, e.g. with the Admin SDK in the back-end.


Update following your comments below:

Is this kind of process, creating user account and verifying the user's email, common in Firebase authentication ?

Yes, verifying the email before allowing a user to interact with the Firebase back-ends (DBs or Cloud Storage) is common.

Not only you can verify in your front-end if the email is verified (with the emailVerified property), but, more important, you can check this property in security rules (i.e. in the back-end).

More details here in the doc and see below an example of a security rule function that checks if the user's email is verified:

function isUserEmailVerified() {
    return request.auth.uid != null && request.auth.token.email_verified == true;
}
  • Related