I am building a website using Angular and Firebase. I use the Angularfire2 and AngularFireAuth and GoogleAuthProvider (Google) libraries as my authentication provider.
Here is my service code:
import { Injectable } from '@angular/core';
import { Observable } from 'rxjs/Observable';
import { AngularFireAuth } from 'angularfire2/auth';
import * as firebase from 'firebase/app';
@Injectable()
export class AuthenticationService {
user: Observable<firebase.User>;
constructor(public afAuth: AngularFireAuth) {
this.user = afAuth.authState;
}
login() {
this.afAuth.auth.signInWithPopup(new firebase.auth.GoogleAuthProvider());
}
logout() {
this.afAuth.auth.signOut();
}
}
When a user "logs out" of my site, he works, but it seems to "cache" Google authentication. Therefore, when they try to log in a second time, I encounter several problems:
- The user is not allowed to choose a different Google account to log in.
- The user automatically logs in ... which seems like a security issue. Another user can go to the same shared PC and log in as the previous user and no password is required for this.
? , angularfire2/auth ? Google, ?