search

firebase / firebase-ios-sdk

Firebase SDK for Apple App Development
https://firebase.google.com
Apache License 2.0
5.66k stars 1.49k forks source link

[FR]: Support multiple signed in users (per FirebaseApp name) when using userAccessGroup. #11906

Open sergiocampama opened 1 year ago

sergiocampama commented 1 year ago

Description

Currently, FirebaseAuth supports multiple user logins scoped by firebase app name, it will store the credentials using the app name. But if FirebaseAuth is shared to extensions using app access groups, the name based scoping is removed in favor of using a single "firebase_auth_firebase_user" account value. This means 2 things:

  1. When using userAccessGroups, any FirebaseAuth instance (scoped by FirebaseApp instances) sign in will be shared across all FirebaseApp instances (which is actually not expected at all).
  2. Simultaneous logins are not possible, since there's only a single storage account that is used.

I propose that the firebase name should be added to the keychain account name, to allow multiple logins even when the keychain is shared, or at least make an option to make it opt-in, and let developers decide how to handle multiple logins, instead of disallowing it.

API Proposal

Ideally, this should have not API changes, but for backwards compatibility, the default app name should resolve to using the current value of the account "firebase_auth_firebase_user", otherwise you might risk users getting signed out when rolling this out.

If there was to be an opt-in approach, there could be an allowsMultipleLogins on FirebaseAuth that would change this behavior to the new thing.

Firebase Product(s)

Authentication

google-oss-bot commented 1 year ago

I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight.