FirebaseUI-Android icon indicating copy to clipboard operation
FirebaseUI-Android copied to clipboard

Published 20 hours ago verified publisher icon firebase

FirebaseAuthUI issue keeps trying to sign me up instead of logging in when trying to use email on Android

Open nicolo09 opened this issue 2 years ago • 6 comments

Step 1: Are you in the right place?

Asking here since this problem is almost certainly related to a security feature of firebase auth that should not be disabled and it should be solved here instead

Step 2: Describe your environment

  • Android device: Xiaomi 12T
  • Android OS version: Android 13
  • Google Play Services version: 23.42.12
  • FirebaseUI version: 8.0.2

Step 3: Describe the problem:

When I write my email and click next it goes to the sign up window instead of asking my password, and if I fill the form and press save it says there's an error with my email address (because it already is in the DB) preventing a signed up user from signing in

Steps to reproduce:

  1. Make a new Firebase project
  2. Make an android app using the firebase default login ui
  3. Try to sign in with an email

Observed Results:

When disabling email enumeration protection from google cloud console it works

Relevant Code:

Original question on stackoverflow with workaround provided by Frank van Puffelen in comments

nicolo09 avatar Oct 29 '23 20:10 nicolo09

Facing the same issue!

bdmariobd avatar Oct 29 '23 22:10 bdmariobd

Same here. Also when disallowing new accounts ( AuthUI.IdpConfig.EmailBuilder().setAllowNewAccounts(false) ) it complains that no matching email address is found, but I can see the accounts in the Firebase console and I can login with a direct call to FirebaseAuth.getInstance().signInWithEmailAndPassword(...)

tgrtb avatar Nov 06 '23 09:11 tgrtb

same thing here

mp3killa avatar Nov 16 '23 06:11 mp3killa

There is a simple explanation and solution for this behaviour on new Firebase projects: Google changed the default settings for Authentication but did not update FirebaseUI accordingly. To get your authentication to work go to the Firebase console, select your project and product Authentication.

In product Authentication go to Settings - User actions and disable 'Email enumeration protection' although it is named as "recommended" - if enabled this will fail your attemps to sign-in an existing user.

firebase_authentication_settings

MichaelsPlayground avatar Dec 17 '23 23:12 MichaelsPlayground

https://github.com/firebase/FirebaseUI-Android/issues/2142#issue-1943284812

fwadnjar avatar Dec 22 '23 17:12 fwadnjar

This project is dead, I recommend users avoid it. If you want some advice from someone with experience (unless you have a large team and a lot of money): 1) create your own email sign-in for Android 2) don't use Google, Facebook etc for logging in because they will just break on this or that platform and cause you headaches and time.

Casey10110 avatar Jan 30 '24 17:01 Casey10110