0

Once I execute 

firebase.auth().signInWithEmailAndPassword(email, password).then((user) => {
    // here I save user to redux and set loggedIn to true
});

I am logged in. What next? My suggestions... After login I go to main flow of App and in App.js I execute onAuthStateChanged(). And if I still get user I am still logged in, if not I set loggedIn key to false and redirect user to Login screen. Next, I am using Redux persist to save loggedIn key between different launches of App.

But when (except I log out by myself) I'll be logged out? What period of life of auth session (if it exists) on firebase side? How it works?

Kamil Gosciminski
  • 16,547
  • 8
  • 49
  • 72
John Smith
  • 1,204
  • 3
  • 22
  • 42
  • 1
    "What period of life of auth session (if it exists) on firebase side?" Firebase Authentication sessions don't have an expiration interval. They last until the user signs out, or until there is another compelling event (e.g. a password change elsewhere) that requires them to reauthenticate. See https://stackoverflow.com/questions/37907096/firebase-authentication-duration-is-too-persistent – Frank van Puffelen Jun 20 '18 at 22:11
  • Ok, got it. I am logged in always by default. I check it by executing onAuthStateChnged in App.js, correct? So that each time app loading the user see spinner while the app connecting to firebase server to check if the user still logged in and if there were no any actions that forced user to log out. – John Smith Jun 20 '18 at 22:21
  • 1
    That sounds correct. But it's hard to be certain without seeing the code. Note that persisting the auth state on React Native has historically been tricky, so if you have a problem, be sure to post back with the minimal code that [reproduces where you are stuck](http://stackoverflow.com/help/mcve). – Frank van Puffelen Jun 20 '18 at 22:32

1 Answers1

1

.onAuthStateChanged() drives the sign-in state of your app. That's how it works.

firebase.auth().onAuthStateChanged(function (user) {
    if(user){
      //unhide non-public elements
    } else {
      //hide public elements
    }
});

You then use Firebase Security Rules to control who has access to what information.

Ronnie Royston
  • 16,778
  • 6
  • 77
  • 91
  • How usually looks hiding and unhiding of elements? Does it should be some list of all elements and for each should be some flag 'public', and then app either displays it or not? – John Smith Jun 20 '18 at 23:18
  • 1
    I do it via CSS classes. For example, add `class="account-holder"` to any elements which should only be shown to signed in users. You can then fire a function `function showAccountHolderElements()` which removes the `hidden/display:none` class from all of them. – Ronnie Royston Jun 20 '18 at 23:41