Firebase - Losing Auth Session After An Hour

Question

I added Firebase auth to my Reactjs (and Redux) web app and everything works perfectly. I'm using email / password sign in, and call firebase.auth().signInWithEmailAndPassword which persists on reloads, tab changes, etc. However, after about an hour, the auth session appears to expire and currentUser is set to null. It feels like there should be a setting somewhere in the Firebase console, but after searching through it, I can't find anything.

Any help would be really appreciated!

Is it the user session that is expiring or is it the token? ID tokens expire after one hour (which can't be changed), but are automatically refreshed behind the scene. User sessions don't expire after an hour. See https://stackoverflow.com/questions/37487283/firebase-3-x-token-session-expiration. — Adam Kipnis, Nov 27 '17 at 00:19
I think that for whatever reason, the token isn't being refreshed automatically. That link suggests calling firebase.auth().currentUser.getToken to manually refresh, but I can't do that since currentUser is null after an hour. I guess I could set a 55 minute timer and refresh it that way, but it seems really hackish... Any ideas on why it isn't refreshing? — npalansky, Nov 27 '17 at 06:27
User should not be logged out on ID token expiration. There is something else going on here. User is logged out if there is a big account change (user deleted, password changed, email changed, password reset, etc). Are you using `firebase.auth().onAuthStateChanged` listener to determine the initial state of a user? — bojeil, Nov 27 '17 at 23:46
I set `firebase.auth().onAuthStateChanged` up last night with a console log, but it's not helping too much. Immediately after logging in, it logs what appears to be a normal logged in status containing an email, refreshToken, uid, etc. Refreshing the page logs the same thing, however after an hour goes by, the log just returns 'null'. After that time, refreshing still returns null and the only way to get the user data back is to log out and back in. — npalansky, Nov 28 '17 at 22:54
Perhaps you need to save the UID of the user before attempting a token refresh. LocalStorage? — ruralcoder, Nov 04 '19 at 23:13

Louis Ameline · Answer 1 · 2021-09-25T06:57:46.937

6

I had the exact same issue, onAuthStateChanged was always triggered after 1 hour and the user was disconnected. And firebase.auth().currentUser.getIdToken(true) didn't help either, all because... Token Service API had to be enabled for my Google API key in the Google console. Problem solved!

Go to Google Cloud platform, type "Token Service API" in the search bar, click on it in the results, and click "Manage" on the new page, and finally "Enable API".

edited Sep 25 '21 at 06:57

answered Apr 18 '20 at 16:39

Louis Ameline

2,779
1
25
25

This was the solution for me! Thank you so much! – Garrison Jan 24 '21 at 23:52
Could u please explain what exactly i should do. Where i should enable Chris Token Service API? – Leo Sep 24 '21 at 16:45
2

@Leo I added details. Thank you – Louis Ameline Sep 25 '21 at 06:58
Thanks for this information. It was enabled for me , but sometimes after some days my user is log out for some reason. Need to check this deeply =) – Leo Sep 26 '21 at 21:35

Firebase - Losing Auth Session After An Hour

1 Answers1

Linked