问题
I have read about this issue in multiple places such as here but do not know what user experience to give users.
I'm using Firebase Auth on iOS (Swift). In my app, there are only 2 ways for users to create an account:
- Email (email/password)
- Sign In with Apple
I'm not sure how to handle this scenario where Apple replaces the email provider in Firebase:
- User signs up with option #1 (Email) as
john@gmail.com. We use the api send email verification to send an email for user to verify their email. - This user does not open email to verify their email for some reason. Therefore, the email is not verified.
- User logs out of the app.
- Instead of the user logging in with option #1 (Email), the user logs in with option #2 (Sign In with Apple). Their Apple ID email is the same as option #1 (Email):
john@gmail.com. We use the API sign in with credential.
In this flow, Apple replaces the email provider because both their regular email and Apple ID email are the same (and the regular email was not verified). If the email is verified, Firebase links the email and Apple account automatically in this case... instead of replacing.
If you try to create an account with option #1 (Email) again later you'll get this error because it is already used with Apple:
Error Domain=FIRAuthErrorDomain Code=17007 "The email address is already in use by another account." UserInfo={NSLocalizedDescription=The email address is already in use by another account., FIRAuthErrorUserInfoNameKey=ERROR_EMAIL_ALREADY_IN_USE}
I'm not sure what to do here for user experience if the user wants to login with email but now can't. Do I tell the user: "Sorry, since you did not verify your email, Apple replaced the email provider as an option and now you have to use Apple to login to your account"? Or is there a better user experience we could provide to user? Is there anyway to easily allow this user to use both email and Apple as a way to login in this specific case?
回答1:
In that case, you call fetchSignInMethodsForEmail to get the IdPs associated with this email. That will return a list with apple.com provider ID. You inform the user that they need to sign in with Apple to that account.
Going forward they would need to use Apple sign-in. The only way to use both is if you verify the email (via email verification) after they sign up with email/password and before they sign in with Apple. When the account is verified, the Apple credential is merged automatically on sign-in and the password is kept on the account.
来源:https://stackoverflow.com/questions/61072485/apple-replaces-email-provider-if-email-not-verified