Firebase Auth - How Long is Recent Login

I have a profile tab in which a user can press edit and edit their profile. I only want to require their password if I have to. So wanted to know how long is how many milliseconds of a user being signed in makes it not a recent login, in which firebase will throw the error "auth/requires-recent-login" when editing a users account? new Date(Date.parse(firebase.auth().currentUser.metadata.lastSignInTime)).getTime() Will give me an approximation of the last login (in milliseconds within 2000 milliseconds). I just want to know at what time should I ask the user to reauthenticate?

Answers:

Answer

Firebase Authentication sign-ins are permanent There is no specific time-out on the authentication of a user, so you should not ask them to re-authenticate based on the expired time.

The only you should ask the user to re-authenticate is when you perform an action in the code that requires recent authentication and it fails with a auth/requires-recent-login error code.

For example, this is how FirebaseUI detects the error upon user deletion:

 firebase.auth().currentUser.delete().catch(function(error) {
  if (error.code == 'auth/requires-recent-login') {
    // The user's credential is too old. She needs to sign in again.
Answer

firebase.auth().currentUser.metadata

If you type firebase.auth() in your browsers console and expand/view the resulting object you will find a metadata property under currentUser which contains the following fields. Note I added the dashes to hide the data in my output.

  metadata:
    Ia {a: "15---------00", 
    b: "15--------00", 
    lastSignInTime: "Wed, 13 Jun 2018 10:01:46 GMT", 
    creationTime: "Thu, 19 Apr 2018 18:48:09 GMT"}

Tags

Recent Questions

Top Questions

Home Tags Terms of Service Privacy Policy DMCA Contact Us

©2020 All rights reserved.