My Firebase app has a certain sensitive operation, that the already signed-in user would ideally confirm by reentering his password.
I would like to show this (already signed-in) user a modal requiring him to reenter password and have Firebase check whether the entered password is valid for the user’s email, so I can let him perform the sensitive operation. Is there an API for this?
2
Answers
Personally, I have not used this method, but I’m just letting you know based what I have explored. There is a Firebase method called
reauthenticateWithCredential()for re-authenticating a user with their password. This may help with your requirement. please check from firebase docs Re-authenticate a user and a stackoverflow answer related to this. This may help you.There is no way you can delete an account in Firebase Authentication on behalf of another user. If this were possible, it would have been a very high-security risk.
Furthermore, there is no API that can help check a password against the one that exists in Firebase Authentication in the way you describe. The only option that you have is to reauthenticate the user. This means that since your user is already logged in, you only have to ask the user to provide the password. The reauthentication operation will obviously fail if the user provides an incorrect password.