I am dealing with Firebaseauthentication for the Internet. The documentation states that
Some security-related actions, such as deleting an account, setting a primary email address, and changing a password, require the user to sign up recently.
If not, the request will complete with an error code auth/requires-recent-login, and I must manage this case by prompting the user to re-insert my credentials. Once I did this, I could easily re-authenticate the user with the following code:
firebase.auth().currentUser.reauthenticate(credential)
The reference API has some details. It turns out that credentialit is actually an object of type firebase.auth.AuthCredential. However, I still have a bunch of questions that I could not find the answer in the documents:
- How to create an object
AuthCredential? - More importantly, how do I work with providers (Google, Facebook, ...). I agree that changing the email address / password does not make sense to providers, since this is the wrong place to change them, so re-authentication is not applied in this case. However, deleting the user is still an action requiring re-authentication, and this can be done regardless of the authentication method. How to re-authenticate a user who is logged in with a provider?
- , . - .