4-digit SMS verification code authentication on Firebase

4
votes

I'm currently using Firebase email authentication in a Swift iOS app, but would like to incorporate a 4-digit passcode authentication via SMS (lots of modern apps use this.) Verification example

Because of the way my app works, requiring a password feels incredibly clunky and unnecessary.

In order to do this, I'd need to reset the password each time the user attempts to login, then send the password to the user via Twilio SMS, however the way that Firebase handles password reset will not allow this. In order to reset the password, you have to enter the old password, which interrupts this flow.

Has anyone done this successfully, and if so how?

Thanks in advance!

1
iosauthenticationfirebasefirebase-securityfirebase-authentication
I would suggest that you store the password in the device keychain and then perform the SMS verification on the phone. This requires the user to enter their password the first time (and any time the password changes)Paulw11
Hi Paul - if the user deletes the app and reinstalls, they will never be able to log in again, correct?Ben Belanger
Well, the keychain typically persists across application re-installs, but you would need to handle the situation where the stored password authentication failed and prompt the user to re-enter their password. This could be because there is no password in keychain or their password has changed/been resetPaulw11
@BenBelanger Did you get any success in achieving this?Zohra Khan
Hello @Zohra Khan, Firebase supports this natively now, you can check out my answer below.johnozbay

1 Answers

0
votes

Good news! As of yesterday, May 17 2017, Firebase supports this natively!

You can read more about it in the docs!