Google登录会删除现有的用户数据 [英] Google Sign-in removes existing user data

问题描述

我正在使用Firebase身份验证和Cloud Firestore构建一个Android应用程序.该应用程序具有多个Auth提供程序；用户可以使用其注册的电子邮件和密码或使用Google或Facebook登录.

I'm building an Android app with Firebase Authentication and Cloud Firestore. The app has multiple Auth providers; a user can sign in either using his registered email and password or using Google or Facebook.

这是问题所在: 用户首次使用自己的注册电子邮件和密码登录时，会将其详细信息存储在Firestore中的文档中.现在，如果同一用户注销并使用Google登录(链接到相同的电子邮件地址)，则登录成功，但是Firestore文档不见了；被Google登录提供的数据覆盖/替换.甚至注册的Firebase EmailAuth详细信息都消失了；全部被Google登录客户端覆盖.

So here's the problem: When a user first logs in with his own registered email and password, he stores his details in a document in Firestore. Now, if the same user logs off and signs in using Google (linked to the same email address), the login is successful, but the Firestore doc is gone; overwritten/ replaced by the data provided by the Google Sign In. Even the registered Firebase EmailAuth details are gone; all overwritten by Google Sign-In client.

我注意到的一件事是，发生上述情况时，控制台的Firebase身份验证页面中的电子邮件身份验证和Google登录身份验证(具有相同的电子邮件地址)具有相同的用户UID.

One thing I noticed was that the Email Auth and the Google Sign In Auth (with the same email address) have the same User UID in the Firebase Authentication page of my console when the stuff I mentioned above happens.

我想要的是: 用户使用其注册的电子邮件和密码登录，然后注销.当他通过Google进行登录时，如果已经注册了相同的电子邮件地址，则敬酒时将出现错误，阻止他通过Google登录. 基本上，如果他的电子邮件地址已经注册，那么他只能通过电子邮件和密码身份验证登录，而不能通过Google登录.

What I want is: The user logs in with his registered email and password and then logs out. When he goes in for login via Google, there needs to be an error toast preventing him from signing in via Google if the same email address has been registered already. Basically, if his email address has been registered, then he can log in only via email and password authentication and not via Google.

在这种情况下，Facebook可以提供帮助；如果已注册了相同的电子邮件地址，则不会登录，而是给出与此电子邮件地址已经与另一个帐户存在"等效的错误.我想在Google看到同样的事情.

Facebook helps in this case; it does not log in if the same email address has been registered, instead, it gives an error equivalent to "This email address already exists with another account." I want the same thing here with Google.

如果我的问题还不清楚，请尝试以下操作: https: //github.com/firebase/firebase-android-sdk/issues/25

If my question isn't all that clear, try this: https://github.com/firebase/firebase-android-sdk/issues/25

(是的，我注意到他们以预期行为"解决了问题，这就是我发布此问题的正当理由；我需要针对此行为的一种变通方法，使其能够执行我需要的操作).

(Yeah I noticed that they closed the issue with an "Intended Behaviour", which is the very reason I'm posting this question; I need a workaround for this behavior to make it do what I need).

推荐答案

我想要的是用户使用其注册的电子邮件和密码登录，然后注销.当他通过Google进行登录时，如果已经注册了相同的电子邮件地址，则敬酒时将出现错误，阻止他通过Google登录.基本上，如果他的电子邮件地址已经注册，那么他只能通过电子邮件和密码身份验证登录，而不能通过Google登录.

What I want is The user logs in with his registered email and password and then logs out. When he goes in for login via Google, there needs to be an error toast preventing him from signing in via Google if the same email address has been registered already. Basically, if his email address has been registered, then he can log in only via email and password authentication and not via Google.

解决此问题的流程是从一开始就要求用户提供电子邮件地址.有了电子邮件地址后，您可以检查用户是否已经有一个帐户.假设每个身份验证提供者都有不同的按钮，则可以根据用户首次选择的身份验证来显示或隐藏它们.例如，如果用户选择了带有电子邮件和密码的身份验证，请使用以下命令进行检查:

The flow for solving this problem is to ask the user for the email address from the beginning. Once you have the email address you can check if the user has already an account or not. Assuming that you have distinct buttons for each authentication provider you can display or hide them according to what the user has selected for authentication first time. For instance, if the user has selected the authentication with email and password, check that using:

auth.fetchSignInMethodsForEmail(email).addOnCompleteListener(signInMethodsTask -> {
    if (signInMethodsTask.isSuccessful()) {
        List<String> signInMethods = signInMethodsTask.getResult().getSignInMethods();
        for (String signInMethod : signInMethods) {
            switch (signInMethod) {
                case GoogleAuthProvider.PROVIDER_ID:
                    googleSignInButton.setVisibility(VISIBLE);
                    facebookSignInButton.setVisibility(GONE);
                    passwordSignInButton.setVisibility(GONE);
                    break;
                case FacebookAuthProvider.PROVIDER_ID:
                    googleSignInButton.setVisibility(GONE);
                    facebookSignInButton.setVisibility(VISIBLE);
                    passwordSignInButton.setVisibility(GONE);
                    break;
                case EmailAuthProvider.PROVIDER_ID:
                    googleSignInButton.setVisibility(GONE);
                    facebookSignInButton.setVisibility(GONE);
                    passwordSignInButton.setVisibility(VISIBLE);
                    break;
                default:
                    googleSignInButton.setVisibility(VISIBLE);
                    facebookSignInButton.setVisibility(VISIBLE);
                    passwordSignInButton.setVisibility(VISIBLE);
                    break;
            }
        }
    } 
});

对于EmailAuthProvider.PROVIDER_ID，隐藏其他按钮并仅显示为登录提供电子邮件和密码的按钮.如果用户是新用户，则显示所有按钮，以便用户可以选择一个或另一个身份验证选项.

In the case of EmailAuthProvider.PROVIDER_ID, hide the other buttons and display only the button that provides the sign-in with email and password. If the user is new, display all buttons so the user can choose one or the other authentication options.

P.S.如果您只想让用户使用特定提供商登录，则无需让用户选择使用其他提供商登录.

P.S. There is no need to let the user choose to sign-in with another provider if you only want to let the user sign-in with a particular one.

这篇关于Google登录会删除现有的用户数据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！