0

I'm developing a web app and I use Firebase Authentication for the authentication service.

The project seems to store the authentication, since if I refresh the page, or close the browser, the user is still logged in.

However I noticed that if I don't access the app for a long time (more than 1 hour, after the night for example), the authentication gets lost.

I don't know how to debug this and how to solve this.

Following some snippets of code to better understand my implementation:

This is the function I have in my startup view to redirect the user to the right page based on auth status.

bool isUserLoggedIn() {
    var user = _firebaseAuth.currentUser;
    return user != null;
  }

  void handleStartupBasedOnAuthStatus() {
    Future.delayed(const Duration(milliseconds: 1000), () async {
      bool loggedInShared =
          await sharedPreferences.getBoolSharedPreferences("loggedIn");
      if (isUserLoggedIn() || loggedInShared) {
        String ruoloValue =
            await sharedPreferences.getSharedPreferences('ruolo');
        (ruoloValue == Ruolo.ADMIN)
            ? navigationService.replaceWith(Routes.admin)
            : navigationService.replaceWith(Routes.messages);
      } else {
        navigationService.replaceWith(Routes.login);
      }
    });
  }

In the following function I call the onAuthStateChange to set sharedpreferences accordingly. I have the check on the timestamp because I noticed that it is triggered more time once the page is refreshed.

void listenToAuthChangesSharedPref() {
    FirebaseAuth.instance.authStateChanges().listen((firebaseUser) async {
      var datetimeNow = (DateTime.now().millisecondsSinceEpoch);
      String oldDatetimeString =
          await sharedPreferences.getSharedPreferences('previous_timestamp');
      if (oldDatetimeString != null) {
        var oldDatetime = (new DateTime.fromMillisecondsSinceEpoch(
                int.parse(oldDatetimeString)))
            .millisecondsSinceEpoch;

        if (datetimeNow - oldDatetime > 1000) {
          if (firebaseUser == null) {
            await sharedPreferences.setBoolSharedPreferences('loggedIn', false);
          } else {
            await sharedPreferences.setBoolSharedPreferences('loggedIn', true);
          }
          await sharedPreferences.setSharedPreferences(
              'previous_timestamp', datetimeNow.toString());
        }
      } else {
        if (firebaseUser == null) {
          await sharedPreferences.setBoolSharedPreferences('loggedIn', false);
        } else {
          await sharedPreferences.setBoolSharedPreferences('loggedIn', true);
        }
        await sharedPreferences.setSharedPreferences(
            'previous_timestamp', datetimeNow.toString());
      }
    });
  }

My question is: is possible that after long time currentUser and also the onAuthStateChanges gets called and the user is not logged in?

xcsob
  • 837
  • 1
  • 12
  • 27

1 Answers1

0

Persisting authentication state# The Firebase SDKs for all platforms provide out of the box support for ensuring that your user's authentication state is persisted across app restarts or page reloads.

On native platforms such as Android & iOS, this behaviour is not configurable and the user's authentication state will be persisted on-device between app restarts. The user can clear the apps cached data via the device settings which will wipe any existing state being stored.

On web platforms, the user's authentication state is stored in local storage. If required, you can change this default behaviour to only persist authentication state for the current session, or not at all. To configure these settings, call the setPersistence() method (note; on native platforms an UnimplementedError will be thrown):

// Disable persistence on web platforms

await FirebaseAuth.instance.setPersistence(Persistence.NONE);

for more info:

for more info:

Jesus Loves You
  • 261
  • 5
  • 17