Skip to content
This repository has been archived by the owner on May 17, 2022. It is now read-only.

D.4 Phone Number

Jump to bottom
Hadi Tavakoli edited this page Dec 16, 2017 · 1 revision

Authenticate with Firebase using a Phone Number

You can use Firebase Authentication to sign in a user by sending an SMS message to the user's phone. The user signs in using a one-time code contained in the SMS message.

⭐ Phone numbers that end users provide for authentication will be sent and stored by Google to improve our spam and abuse prevention across Google services, including but not limited to Firebase. Developers should ensure they have appropriate end-user consent prior to using the Firebase Authentication phone number sign-in service.

Security concerns

Authentication using only a phone number, while convenient, is less secure than the other available methods, because possession of a phone number can be easily transferred between users. Also, on devices with multiple user profiles, any user that can receive SMS messages can sign in to an account using the device's phone number.

If you use phone number based sign-in in your app, you should offer it alongside more secure sign-in methods, and inform users of the security tradeoffs of using phone number sign-in.

Enable Phone Number sign-in for your Firebase project

To sign in users by SMS, you must first enable the Phone Number sign-in method for your Firebase project:

  1. In the Firebase console, open the Authentication section.
  2. On the Sign-in Method page, enable the Phone Number sign-in method.
  3. On the iOS side, your app must be able to receive FCM. To do that, make sure you have installed the FCM ANE first.

Send a verification code to the user's phone

To initiate phone number sign-in, present the user an interface that prompts them to type their phone number. Legal requirements vary, but as a best practice and to set expectations for your users, you should inform them that if they use phone sign-in, they might receive an SMS message for verification and standard rates apply.

Then, pass their phone number to the Auth.verifyPhoneNumber method to request that Firebase verify the user's phone number. For example:

Auth.listener.addEventListener(AuthEvents.PHONE_VERIFICATION_RESULT, onPhoneVerificationResult);
Auth.listener.addEventListener(AuthEvents.PHONE_CODE_SENT, onPhoneCodeSent);
Auth.listener.addEventListener(AuthEvents.PHONE_AUTO_RETRIEVAL_TIME_OUT, onPhoneTimeout);

// phone number format: +(country code)(mobile number with no initial zero)
Auth.verifyPhoneNumber("+11234567890");

private function onPhoneVerificationResult(e:AuthEvents):void
{
	// You don't need to do anything when the verification is successful
	// On a successful verification, the ANE will try to sign-in the user automatically.
	trace("PHONE_VERIFICATION_RESULT, smsCode = " + e.smsCode);
	trace("PHONE_VERIFICATION_RESULT, msg = " + e.msg);
}

private function onPhoneCodeSent(e:AuthEvents):void
{
	// On most Android devices, the ANE reads the sms automatically so you don't have to
	// pass the verificationId + the user input (the sms code) to the signIn method.
	// But on iOS, and sometimes on Android, you MUST save the verificationId and later
	// pass it to Auth.signIn(authProvider.getCredential());
	trace("PHONE_CODE_SENT, verificationId = " + e.verificationId);
}

function onPhoneTimeout(e:AuthEvents):void
{
	C.log("PHONE_AUTO_RETRIEVAL_TIME_OUT, verificationId = " + e.verificationId);
}

The SMS message sent by Firebase can also be localized by specifying the auth language via setting the languageCode property on your Auth instance.

Auth.languageCode = "fr";

// To apply the default app language instead of explicitly setting it.
// Auth.useAppLanguage();

if AuthEvents.PHONE_VERIFICATION_RESULT is not happening (on iOS and some Android devices) you need to use the verificationId you received from AuthEvents.PHONE_CODE_SENT and sign in like below:

// create a new authProvider object first
var authProvider:AuthProvider = new AuthProvider();

// decide what kind of credential this authProvider instance will hold
authProvider.setPhoneAuthProvider("verificationId-received-from-AuthEvents.PHONE_CODE_SENT", "SMS-code-found-in-the-sms");

// and finally feed Auth.signIn method with the parsed credential info from the authProvider instance.
Auth.signIn(authProvider.getCredential());

As before, you need to listen to the AuthEvents.SIGN_IN_RESULT event to see the sign in callback.

⭐ You can allow users to sign in to your app using multiple authentication providers by linking auth provider credentials to an existing user account.

Enjoy building Air apps – With ♥ from MyFlashLabs Team

Introduction to Firebase ANEs collection for Adobe Air apps

Get Started with Firebase Core in AIR

  1. Prerequisites
  2. Add Firebase to your app
  3. Add the Firebase SDK
  4. Init Firebase Core
  5. Available ANEs
  6. Managing Firebase iid

Get Started with Analytics

  1. Add Analytics ANE
  2. Init Analytics ANE
  3. Log Events
  4. Set User Properties

Get Started with Crashlytics

  1. Add Crashlytics ANE
  2. Test Your Implementation
  3. Customize Crash Reports
  4. Upload .dSYM for iOS apps

Get Started with DynamicLinks

  1. Add DynamicLinks ANE
  2. Init DynamicLinks ANE
  3. Create DynamicLinks
  4. Receive DynamicLinks
  5. View Analytics

Get Started with Authentication

  1. Add Authentication
  2. Init Authentication
  3. Manage Users
  4. Phone Number
  5. Custom Auth
  6. Anonymous Auth
  7. State in Email Actions
  8. Email Link Authentication

Get Started with FCM + OneSignal

  1. Add FCM ANE
  2. Init FCM ANE
  3. Send Your 1st Message
  4. Send Msg to Topics
  5. Understanding FCM Messages
  6. init OneSignal

Get Started with Firestore

  1. Add Firestore
  2. Init Firestore
  3. Add Data
  4. Transactions & Batches
  5. Delete Data
  6. Manage the Console
  7. Get Data
  8. Get Realtime Updates
  9. Simple and Compound
  10. Order and Limit Data
  11. Paginate Data
  12. Manage Indexes
  13. Secure Data
  14. Offline Data
  15. Where to Go From Here

Get Started with Realtime Database

  1. Add Realtime Database
  2. Init Realtime Database
  3. Structure Your Database
  4. Save Data
  5. Retrieve Data
  6. Enable Offline Capabilities

Get Started with Remote Config

  1. Parameters and Conditions
  2. Add Remote Config
  3. Init Remote Config

Get Started with Performance

  1. Add Performance ANE
  2. Init & Start Monitoring

Get Started with Storage

  1. Add Storage ANE
  2. Init Storage ANE
  3. Upload Files to Storage
  4. Download Files to Air
  5. Use File Metadata
  6. Delete Files

Get Started with Functions

  1. Write & Deploy Functions
  2. Add Functions ANE
  3. Init Functions
Clone this wiki locally