I have one Firebase Authentication account and log in to multiple devices with the same account. the problem is that if I delete my account from one device, I need to delete the account from all devices. How can I do that?
The code to delete the account:
mAuth.signOut()
mAuth.currentUser?.delete()
2
Answers
What you encounter is the expected behavior. There are some cases, such as yours where the getCurrentUser() method will return a non-null FirebaseUser object, but that doesn’t mean that the underlying token is still valid. This typically happens, for example, if the user deletes the FirebaseUser on a device and the local token on the other devices has not been refreshed. This is exactly what you are experiencing. In this case, you’ll get a valid FirebaseUser object, but subsequent calls to authenticated resources, such as attempts to refresh the token, will fail since the token is not valid anymore.
To overcome this situation, I recommend you read my answer from the following post:
Furthermore, if you delete a FirebaseUser using:
There is no need to call:
Because delete() method:
Firebase Authentication is based on ID tokens, which are valid for an hour after they are minted.
So when you delete the user on one device, the tokens on other devices may stll be valid for up to an hour. You don’t really need to delete the account on all devices, but it may indeed take up to an hour before the other devices also show the user as logged out.
If that is unwanted in your use-case, you may want to read the documentation on managing user sessions. You could revoke the ID tokens (if you know them) as shown there, or (more easily) signal that the UID has been deleted to all clients in a database.