pocha
commented
9 months ago We have to use custom auth flow for Firebase authentication
- Take phone, email & kilvish id as input
- Check if kilvish id is there in the DB
- kilvish id is present - check if the phone & email match
- email & phone does not match .. stop login & show popup to user with obfuscated phone & email asking user to enter the right values
- email & phone match .. send OTP to both phone & email .. continue as below
- kilvish id is NOT present ... send OTP to phone & email
- User can enter OTP from either phone number or email to continue login
- After verifying OTP, create user entry for kilvish id, email & phone number in the User DB ... send token to frontend & frontend will sign the user in
- kilvish id is present - check if the phone & email match
We need to use Firebase function with admin SDK which the frontend will call to check if kilvish id provided is present in DB & if the phone number & email matches. The function will also create the firebase token & send it back to frontend.
The frontend will use signInWithCustomToken function to register the user & login process will be done.
Firebase project link
Currently the signup screen is dummy. The user signup should happen with Firebase. A new user entry should be created in Firebase authentication DB with the user's phone number, email & kilvish id. There should be provision of OTP authentication.
If a user already registered with different phone number / email tries to authenticate/signup, an error should be thrown with popup showing obfuscated email & phone number associated with the kilvish id & telling user to use those values.