Firebase在删除后仍然会检索authData [英] Firebase still retrieving authData after deletion

问题描述

我手动删除了连接到我的iphone模拟器所在的uid帐户（来自firebase仪表板）后，当我运行下面的代码时，它仍然以某种方式仍然验证和检索一个uid。
$ b

  let ref = Firebase（url：https://moviebuffapp.firebaseio.com/）
 
覆盖func viewDidLoad（）{
 super.viewDidLoad（）
 $ b $如果ref.authData！= nil {
 
 let uid = ref .authData.uid 
 print（uid）
  

解决方案

删除一个帐户不会自动过期该帐户的当前会话。他们目前的会议将保持有效，直到他们到期。您可以在Firebase信息中心中设置会话到期时间间隔。

如果您要强制用户注销，调用 ref.unauth（） 。

但是一般情况下，您可能希望构建授权规则，以防止这些用户使用来自已删除帐户的有效令牌对数据进行更改。

如果您将用户配置文件保留在数据库中，则可以检查该记录是否仍然存在于您的安全规则中： root.child（'users '）.child（auth.uid）.exists（）。

另见：

• 用户删除时未将Firebase身份验证吊销？


• 在firebase中删除用户不会触发onAuth方法
  

After I manually deleted the account connected to the uid that my iphone simulator is on (from firebase dashboard), when I run the code below it's somehow still authenticating and retrieving a uid. How is this possible?

let ref = Firebase(url: "https://moviebuffapp.firebaseio.com/")

override func viewDidLoad() {
    super.viewDidLoad()

    if ref.authData != nil {

        let uid = ref.authData.uid
        print(uid)

解决方案

Deleting an account does not automatically expire the current session(s) for that account. Their current sessions will remain valid until they expire. You can set the session expiration interval in your Firebase Dashboard.

If you want to force the user to be logged out, call ref.unauth().

But in general you'll likely want to build authorization rules to prevent such users with valid tokens from deleted accounts to make changes to the data.

If you keep the user profiles in your database, you can check whether that record still exists in your security rules: root.child('users').child(auth.uid).exists().

Also see:

• Firebase authentication not revoked when user deleted?
• Deletion of User in firebase does not trigger onAuth method

这篇关于Firebase在删除后仍然会检索authData的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！