Firebase 3.0 session persistance

7
votes

It seems impossible to use session persistence in firebase 3.0.

This was possible in the previous version: https://www.firebase.com/docs/web/guide/login/password.html

authWithPassword() takes an optional third parameter which is an object containing any of the following settings:

remember - String
If not specified - or set to default - sessions are persisted for as long as you have configured in the Login & Auth tab of your App Dashboard. To limit persistence to the lifetime of the current window, set this to sessionOnly. A value of none will not persist authentication data at all and will end authentication as soon as the page is closed.

In version 3.0 there is no mention of the optional 3rd parameter: https://firebase.google.com/docs/reference/js/firebase.auth.Auth#signInWithEmailAndPassword

signInWithEmailAndPassword(email, password)
returns firebase.Promise containing non-null firebase.User

Also, in the new console (https://console.firebase.google.com/) I cannot find the option to change the default persistence.

3
sessionfirebasepersistencefirebase-authentication

3 Answers

5
votes

It may also be worth mentioning that you need to wait for the auth state to resolve. Per the docs:

The recommended way to get the current user is by setting an observer on the Auth object:

firebase.auth().onAuthStateChanged(function(user) {
  if (user) {
    // User is signed in.
  } else {
    // No user is signed in.
  }
});

Link to the docs here: https://firebase.google.com/docs/auth/web/manage-users

3
votes

In 3.0, users are currently always persisted until signOut() is called (or the user clears local storage).

2
votes

Firebase Auth JS SDK now supports sessionOnly persistence. For more on this, check https://firebase.google.com/support/release-notes/js#4.2.0 and https://firebase.google.com/docs/auth/web/auth-state-persistence

You can now specify or switch Auth state persistence before or after sign-in. For your case, you can specify session only persistence as follows: firebase.auth().setPersistence(firebase.auth.Auth.Persistence.SESSION)