Jon Cox Jon Cox - 3 months ago 19
iOS Question

Firebase - Deleting and reinstalling app does not un-authenticate a user

After authenticating a user with the following code (below is a trimmed version of my code, so only the successful login logic is shown)...

let firebaseReference = Firebase(url: "https://MY-FIREBASE.firebaseio.com")


 

FBSession.openActiveSessionWithReadPermissions(["public_profile", "user_friends"], allowLoginUI: true,
completionHandler: { session, state, error in

if state == FBSessionState.Open {
let accessToken = session.accessTokenData.accessToken
firebaseReference.authWithOAuthProvider("facebook", token: accessToken,
withCompletionBlock: { error, authData in

if error != nil {
// Login failed.
} else {
// Logged in!
println("Logged in! \(authData)")
}
})
}
})
}


(I.e. Launching and running the app, logging in successfully).

If you then delete the app and reinstall it on the same device, this call - which I am using in the app delegate to determine if a user is logged in - will always return that they are logged in.

if firebaseReference.authData == nil {
// Not logged in
} else {
// Logged in
}


Why is that? I would have thought deleting the app and reinstalling it should wipe all data.

If you reset the Content and Settings in the iOS simulator, and the install the app, the
firebaseReference.authData
property will once again be
nil
.

Answer

The Firebase authentication session is persisted on the user's device in the iOS keychain. The keychain data for the application is not removed when the application is uninstalled.

If you're looking to manually clear the data, you can store some additional metadata along with your application and manually call FirebaseRef.unauth() to clear the persisted session. See #4747404: Delete keychain items when an app is uninstalled for an additional reference.

Comments