firebase unauth with google doesn't allow change of user

2
votes

Is there a setting, either in Google projects or in Firebase databases for specifying that unauth should not cache user credentials? One I have logged into my app via the Firebase Google authentication, calling unauth() does not permit me to log in again with a different account. An attempt to login after that immediately logs in with the old credentials without asking for a new username and password. Closing and reopening the browser after the logout didn't help.

1
authenticationfirebasegoogle-oauth
I have the exact same problem as you, what if the user wants to switch to another account? Seems like a bit much to ask the regular user to understand that it needs to change account permissions for my app. Have you found a solution?Swift

1 Answers

2
votes

Firebase doesn't have access to your credentials when you use its Google authentication. Instead it uses OAuth to create a relationship between the Google account and your application.

When you call unauth Firebase expires the token that is part of the current session. But it does not remove the relationship between the Google account and your application. That's why you "automatically" get a new token when you call auth... next time.

It is up to each individual user to revoke the rights, which in the case of a Google account they can do at the Account Permissions page: https://security.google.com/settings/security/permissions