Help with Firebase

mikeshouman · May 10, 2022, 2:18pm

Hey guys,

I’m having problems creating a sign up / log in system in my game, and it would be great if someone can help me with this please.

What I’m trying to achieve:
1- Player sign up with a form [name, email, password]
2- Create account with email and password in Firebase
3- Create a document (player’s profile) in Firestore with auto generated ID, which includes several fields
4- Send a verification link to the player’s email which would start with “Hello Name”
5- Player logs in with a form [email, password]
6- Check if email is verified and connect with account
7- Get the fields in the player’s document (profile) that was created in Firestore
8- Keep account connected even after closing the game, and only disconnect if the user clicks on log out

Questions / problems I have:

Setting the display name is not working and the verification email starts with just “Hello”
How do I link the account to the document ID that was created?
How to keep the the user connected to the account even after closing the game

I’ve attached a simpler version screenshot of my code with only the basic conditions and events.

I would appreciate anyone’s help who knows better, and let me know what I’m doing wrong and missing.

Thanks!

arthuro555 · May 10, 2022, 9:41pm

Unless you explicitly log them out, firebase should keep them logged in even if you close the window, unless you wait long enough (days) for the session to expire before reopening the window.

Pretty aure you can change those emails from your firebase authentication console.

Instead of using a random document name name it after the firebase user ID (you can get it via an expression)

mikeshouman · May 10, 2022, 10:36pm

Thank you so much for answering Arthur!

I get it now! I thought the random generated document number is the User’s UID

Do you think it’s a good idea to store the email and password on the device’s local storage, then use it to automatically sign them in if the session has expired the next time they open the app?

arthuro555 · May 11, 2022, 5:39am

No. Don’t do that. Ever.
Not only should no software ever ever keep a clear text copy of a user’s password, but especially not on the user’s computer and in a way any software can read it.

Sessions that expire are a security mechanism that have a purpose, not something made to annoy you. Don’t try to bypass them.

Note also that session expiration is not something that will happen to your users all the time. When i say long I meant long enough that the chance exists one of the three ways a session can expire applies to them, which are not common events: Administra sesiones de usuarios | Firebase Documentation

mikeshouman · May 11, 2022, 3:21pm

Yeah that’s what I was thinking, it’s not secured. I’ll keep it as it is then and this shouldn’t be a problem.

Thanks for your insights, you’ve been a great help. Cheers!