I am trying to prevent users from creating multiple accounts.
Specifically, I want to check if a user currently signing in with a non-Phone Auth method (Facebook, Google, etc.) has previously signed in via Phone Auth.
When creating a Phone Auth account I require that a user enters an email address. Once the user is created I save the email address to their authUser account using:
authData.user.updateEmail(to: email, completion: { (error) in
// email added successfully
})
The email address is saved correctly and is visible in the Firebase Authentication Console.
However, when I try to find providers for that email address later, using:
Auth.auth().fetchProviders(forEmail: email, completion: { (providers, error) in
// providers.count = 0
})
or
Auth.auth().fetchSignInMethods(forEmail: email, completion: { (signInMethods, error) in
// signInMethods == nil
})
The email isn't found.
So it appears that the email is connected to the User but not a provider or sign in method.
Is it possible to connect the email to the Phone Auth provider data so the email is found when looking for multiple accounts? Is there another way to skin this cat without having to query Firestore? I want to prevent logged out users from accessing documents.
