android - Firebase Auth getCurrentUser() 检索已删除的用户

Question

您好，感谢您抽出时间。

我一直在使用 Firebase 开发 Android 应用。

我已设置 Firebase 身份验证，用户可以使用电子邮件和密码进行注册，并在电子邮件验证后登录。

当应用程序打开时，我使用 onStart() 方法检查用户是否仍然登录，但我在从 Firebase 中删除用户后尝试过，仍然可以登录!

我应该以其他方式检查吗？

@Override
public void onStart() {
    super.onStart();

    // Check if user is signed in (non-null) and update UI accordingly.
    FirebaseUser currentUser = mAuth.getCurrentUser();
    updateUI(currentUser);
}

---

************************************************ 更新 *** **********************************************

使用 AuthStateListener 修复了问题 ，但后来我将 signIn 和 createAccount 方法拆分为 2 个单独的 Activity ，同时我还将 createAccount() 与 signInWithEmailAndPassword() 方法分开，这使我添加了这个 两个 Activity onCreate() 方法中的 mAuth = FirebaseAuth.getInstance() 。在我添加的登录 Activity 中

mAuthListener = new FirebaseAuth.AuthStateListener() { @覆盖 公共(public)无效onAuthStateChanged(@NonNull FirebaseAuth firebaseAuth){ FirebaseUser currentUser = mAuth.getCurrentUser(); ... } };

但现在不起作用。我是否忘记了什么或只是无法做到这一点？

这是我发现相关的代码:

LogInActivity类onCreate():

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_log_in);

    // Views
    emailEditText = findViewById(R.id.emailEditText);
    passwordEditText = findViewById(R.id.pswdEditText);

    // Buttons
    findViewById(R.id.logInButton).setOnClickListener(this);
    findViewById(R.id.forgottenPaswdTextButton).setOnClickListener(this);
    findViewById(R.id.registerTextButton).setOnClickListener(this);

    // Initialize Firebase Auth
    mAuth = FirebaseAuth.getInstance();

    // Check for user connection
    mAuthListener = new FirebaseAuth.AuthStateListener() {
        @Override
        public void onAuthStateChanged(@NonNull FirebaseAuth firebaseAuth) {
            // Check if user is signed in (non-null) and update UI accordingly.
            FirebaseUser currentUser = mAuth.getCurrentUser();
            if (currentUser != null) {
                Log.d(TAG, "onAuthStateChanged:signed_in:" + currentUser.getUid());
            } else {
                Log.d(TAG, "onAuthStateChanged:signed_out");
            }
            updateUI(currentUser);
        }
    };
}

SignInActivity 类 onCreate():

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_sign_in);

    // Views
    emailEditText = findViewById(R.id.emailEditText);
    passwordEditText = findViewById(R.id.pswdEditText);
    passwordRetypedEditText = findViewById(R.id.pswdRetypeEditText);
    nameEditText = findViewById(R.id.nameEditText);

    // Buttons
    findViewById(R.id.signUpButton).setOnClickListener(this);
    findViewById(R.id.logInTextButton).setOnClickListener(this);

    // Initialize Firebase Auth
    mAuth = FirebaseAuth.getInstance();

}

Answer 1

您可以收听AuthStateListener FirebaseUser 的状态更改。

为什么？，基本上，当您从服务器或其他设备中删除用户时，它在您当前的设备中仍然有效，因为它的 token 尚未在本地刷新。

了解更多 here .

---

文档指出:

There are some cases where getCurrentUser will return a non-null FirebaseUser but the underlying token is not valid. This can happen, for example, if the user was deleted on another device and the local token has not refreshed. In this case, you may get a valid user getCurrentUser but subsequent calls to authenticated resources will fail.

getCurrentUser might also return null because the auth object has not finished initializing.

If you attach an AuthStateListener you will get a callback every time the underlying token state changes. This can be useful to react to edge cases like those mentioned above.