[auth][phone] Allow for linkWithCredential() for PhoneAuthProvider.

[brianhiss]

@chrisbianca Pull request for linkWithCredential() capability with PhoneAuthProvider. (re: #119 (comment))

This allows someone to link a phone to a currently logged in user, or sign the user in.

To test:

firebase.auth().signInWithPhoneNumber(phoneNumber)
      .then(confirmResult => this.setState({ confirmResult }))

Set the credential object with the six-digit SMS code (codeInput):

let credential = {
   provider: 'phone',
   token: this.state.confirmResult._verificationId,
   secret: codeInput
};

• If there is a logged-in/anonymous user, call: firebase.auth().currentUser.linkWithCredential(credential);

• If no one is logged in, call: firebase.auth().signInWithCredential(credential);

[Salakar]

@brianhiss nice, thanks for this, its a good start so will merge it, will break though on android if auto verify - as it signs in straight after. Will update it a bit today to expand on your PR.

Also there is firebase.auth.PhoneAuthCredential.getCredential(verifyToken, smsCode); to get the credential

[brianhiss]

@Salakar Thanks for merging. I somehow missed firebase.auth.PhoneAuthCredential.getCredential(verifyToken, smsCode);.

As you said, it will break on Android with auto-verify. I think a few of us are stumped on the best practice for auto-verify, sign-in and linkWithCredential. The workflow seems to contradict itself.

[kevando]

@brianhiss thanks this PR works great. However, I'm experiencing a small issue..

When the current user is anon, and I link it to the phone user, the resulting user is all good, except its still user.isAnonymous == true

But if I sign the user in, it disregards the original user, but the resulting phone user.isAnonymous == false

var credential = firebase.auth.PhoneAuthProvider.credential(verificationId, codeInput)

// Links correctly but resulting user is still anonymous
firebase.auth().currentUser.linkWithCredential(credential)

// Signs in correctly not anonymous, but disregards data from anon user
firebase.auth().signInWithCredential(credential)

Am I missing something?

Edit: I should also mention that my linkWithCredential code worked fine for email. I also notice that Google doesnt include phone auth here, either.
https://firebase.google.com/docs/auth/web/anonymous-auth

[brianhiss]

@kevando I don't have time to dig into it today, but off the top of my head, I'm just listening to firebase.auth().onAuthStateChanged() and don't believe tracking user.isAnonymous, so you could be right. That could be a firebase bug, or intended behavior, not too sure right now.

I'm tracking providerData and providerId === "phone" when they have a valid phone number attached, or something of that sort.

I'll try to look deeper in the next couple of days when I get a chance, report back.

[chrisbianca]

@kevando Is this on iOS or Android? I was doing some work last week and noticed that the user doesn't reload correctly on iOS when using linkWithCredential - this is resolved on the latest version of the 3.0.x branch which we'll hopefully get a release of soon.

If this is an iOS issue and you're in a position to test whether this is now fixed, you can install the latest by doing the following:

npm install --save https://github.com/invertase/react-native-firebase#v3.0.x

[kevando]

Thanks @chrisbianca I am on iOS and installing that branch did not trigger onAuthStateChanged after calling linkWithCredential. I did not update the pod or anything so maybe I have to do that?

@brianhiss Thanks, I will use the providerData for determining whether or not a user is anon or not. thanks

[chrisbianca]

@kevando Ah, so onAuthStateChanged will only ever fire when the user is either logged in or logged out. This is by design in the Firebase SDK. However, the firebase.auth().currentUser will have been updated at the end of the linkWithCredential call.

I've found this to be confusing too and not very helpful when it comes to how you integrate easily into an app...

So, as of v3.0.6 there's a very experimental firebase.auth().onUserChanged() method which gets called every time the current user is changed with the User object. By experimental, I mean that it fundamentally works, but there may be some edge cases which we'd like to flush out. It's not documented yet and we aren't planning on officially including it until 3.1.0 comes out.

It's also not something that's in the web or native SDKs so technically violates are policy of sticking to these where possible. However, we will discuss this with Firebase directly as I feel it's something that would be of benefit for the core SDKs as well...

[kevando]

Totally makes sense and thanks for elaborating.

I only have this problem because I let the user create content before creating an account - a trend I hope to see more apps adopt. I'm going to hold off on the experiment branch - not cause I'm worried about the edge cases, I am just not the best at keeping all my node packages in order so the more default the better for me.