0

I was using Firebase Auth Gmail Authentication. While doing some random tests on the app, I deleted the account from Firebase Auth Console while I was still logged in. Now even if I uninstall the App and reinstall it, I still get the UID even though that UID is not present in the Firebase Auth Console. The first lines of code as soon as I open the app are as follows:

    val uidz = FirebaseAuth.getInstance().currentUser?.uid.toString()
    Log.d("uid as soon as i open the app",uidz)

Logcat Reads as

2022-09-27 21:40:01.802 23060-23060/com.example.alliaiseV1 D/uid as soon as i open the app: uZOs2XhBOrX4YU8qKem3lD4C7cy1

Strange parts:

  1. This UID if I navigate to some other page and re-check the current user changes to null
  2. Every time I uninstall and reinstall the App I see the same UID every time
  3. It only happens on my device for every other device when I re-install the App the current UID returns as null but for my device, it returns as the above in logcat
  4. Deleting App Data and Cache works but again if I reinstall I see the UID

I edited the code to :

    val uidz = FirebaseAuth.getInstance().currentUser?.uid.toString()
    Log.d("uid as soon as i open the app",uidz)
    FirebaseAuth.getInstance().signOut()
    Log.d("uidlogout", "${FirebaseAuth.getInstance().currentUser?.uid.toString()}")

The logcat I read for it is as follows :

  2022-09-27 21:45:06.228 23964-23964/com.example.alliaiseV1 D/uid as soon as I open the app: uZOs2XhBOrX4YU8qKem3lD4C7cy1
  2022-09-27 21:45:06.229 23964-23964/com.example.alliaiseV1 D/uidlogout: null

From where is this UID coming? Why do I see the same UID every time? How do I get rid of it?

Alex Mamo
  • 130,605
  • 17
  • 163
  • 193
Fawwaz Ali
  • 47
  • 6

1 Answers1

0

While doing some random tests on the app, I deleted the account from Firebase Auth Console while I was still logged in. Now even if I uninstall the App and reinstall it, I still get the UID even though that UID is not present in the Firebase Auth Console.

If you accidentally deleted a user account from the Firebase console it doesn't mean that the current token automatically expires for that account. No, the current tokens will remain valid until it expires. If you however are interested in changing the expiration interval, please note that this option is available in your Firebase console.

If you want to force a user to sign out, then you can use FirebaseAuth#signOut() method, which:

Signs out the current user and clears it from the disk cache.

To prevent that from happening, you should consider creating authorization rules. In this way, you'll be able to differentiate users with valid tokens from the ones that have deleted accounts. If you are using, for example, the Realtime Database to keep a user's data, then you can check whether that user still exists in your security rules using the following line of code:

root.child('users').child(auth.uid).exists()

For more info, I recommend you read David East's answer in the following post:

Alex Mamo
  • 130,605
  • 17
  • 163
  • 193