firebase-admin-python

`get_user_by_email` can silently return wrong result when "allow multiple accounts with the same email address" is set

Open kkom opened this issue 11 months ago • 1 comments

Describe your environment

  • Operating System version: macOS 15.2
  • Firebase SDK version: 6.6.0
  • Firebase Product: auth
  • Python version: 3.12
  • Pip version: uv 0.5.11

Describe the problem

I'm worried that the `get_user_by_email` function misleadingly and silently skips some results.

It's typed as returning a single user record given an email address:

https://github.com/firebase/firebase-admin-python/blob/8ba819a4175e758576f1a7cccc131c1b66d6417a/firebase_admin/_auth_client.py#L179-L194

However, it is possible to configure Firebase to allow multiple accounts with the same email address: https://support.google.com/firebase/answer/9134820

It looks like the implementation takes just the first user record if more than one matches the provided email:

https://github.com/firebase/firebase-admin-python/blob/8ba819a4175e758576f1a7cccc131c1b66d6417a/firebase_admin/_user_mgt.py#L583-L602

I'd suggest replacing it with a `get_users_by_email` that returns a collection of records, to avoid misleading programmers unfamiliar with the "allow multiple accounts with the same email address" option.

kkom, Dec 23 '24 11:12
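Added example, not part of the original issue and not the SDK's own code: a caller-side guard that refuses to resolve an email to one account when several accounts share it, so an authorization decision is never made on an arbitrary first match. The `Account` class, the function names and the sample records are hypothetical, and case-insensitive comparison is an assumption.

```python
from dataclasses import dataclass
from typing import Iterable, List


class AmbiguousEmailError(LookupError):
    """More than one account matches the email; the caller must select by uid."""


@dataclass(frozen=True)
class Account:
    # Hypothetical stand-in for a user record; only uid and email are used below.
    uid: str
    email: str
    provider: str


def find_accounts_by_email(records: Iterable, email: str) -> List:
    """Return every record whose email matches (assumption: case-insensitive)."""
    wanted = email.strip().lower()
    return [r for r in records if (r.email or "").strip().lower() == wanted]


def get_unique_account_by_email(records: Iterable, email: str):
    """Return the single match or None; raise instead of guessing among several."""
    matches = find_accounts_by_email(records, email)
    if len(matches) > 1:
        uids = ", ".join(sorted(m.uid for m in matches))
        raise AmbiguousEmailError(f"{len(matches)} accounts share {email!r}: {uids}")
    return matches[0] if matches else None


# Constructed sample: two accounts share one address, as the project setting allows.
SAMPLE = [
    Account("uid-password-1", "alice@example.com", "password"),
    Account("uid-github-2", "alice@example.com", "github.com"),
    Account("uid-password-3", "bob@example.com", "password"),
]

if __name__ == "__main__":
    print(get_unique_account_by_email(SAMPLE, "bob@example.com"))
    try:
        get_unique_account_by_email(SAMPLE, "Alice@Example.com")
    except AmbiguousEmailError as exc:
        print("refused:", exc)
```

With the real SDK, the records could come from `firebase_admin.auth.list_users().iterate_all()`, whose items expose `uid` and `email`; that enumerates every user in the project, so it suits audits and low-volume checks rather than per-request lookups.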