-
Notifications
You must be signed in to change notification settings - Fork 892
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Requested authentication state persistence isn't retained #8545
Comments
I couldn't figure out how to label this issue, so I've labeled it for a human to triage. Hang tight. |
Hi @dsl101, thanks for reporting this issue. You mentioned that this issue also occurs when using As a temporary workaround while we look into this, would reapplying |
Calling if (isSignInWithEmailLink(auth, window.location.href)) {
await signInWithEmailLink(auth, email, window.location.href)
setPersistence(auth, browserSessionPersistence)
window.location.replace("/") // Dismiss redirect
} else {
await signIn({ email });
} Now, after sending the link and signing in on tab 1, opening a second tab and pasting in the URL does not show me as logged in on that second tab. Indeed, I can authenticate using a second email address on the second tab, and the 2 are isolated. However, the react app has this section in if (user) {
return (
<div>
<div>Logged in {user.email}</div>
<br />
<button onClick={() => window.open("/openedTab", "_blank")}>
Open new tab same domain
</button>
<br />
<button onClick={signOut}>Logout</button>
</div>
);
} Using that button on tab 1 (authenticated) opens a new tab and it is authenticated. Is this the expected behaviour when opening a tab via Regarding using import {
browserSessionPersistence,
setPersistence,
signInWithRedirect,
GoogleAuthProvider,
} from "firebase/auth"
const signInRedirect = () => {
return setPersistence(auth, browserSessionPersistence).then(() => {
console.log('Persistence:', auth.persistenceManager.persistence)
return signInWithRedirect(auth, new GoogleAuthProvider()).then(() => {
console.log('redirect succeeded')
})
})
} Again, the logged persistence SESSION before the call to Note that However, and I don't know if this is a client-side bug or a browser setting, but the above flow for auth works fine (albeit with the persistence issue) on Firefox, but not on Chrome. The redirect for google authentication happens, and the app is reloaded at the end of that flow, but the useEffect(() => {
return onAuthStateChanged(auth, async (userData) => {
console.log("onAuthStateChanged:", userData);
if (userData) {
try {
console.log("Persistence:", userData.auth.persistenceManager.persistence)
setUser(() => userData);
} catch (e) {
// eslint-disable-next-line
console.log(e);
}
} else {
setUser(null);
}
setFirstCheck(() => false);
});
}, []); |
Operating System
windows
Environment (if applicable)
Chrome 131, Firefox 130
Firebase SDK Version
10.13.2
Firebase SDK Product(s)
Auth
Project Tooling
React app / Vue & Quasar app
Detailed Problem Description
This page states that calls to
setPersistence()
prior tosignInWithRedirect()
should reapply the requested persistence model at the end of the redirect flow. We are seeing that despite requestingbrowserSessionPersistence
before sending the link, and pasting the emailed link directly into the same browser tab, the persistence model is reverting to LOCAL.This also happens with federated auth providers using
signInWithRedirect()
.Steps and code to reproduce issue
E.g. minimal piece of code to send a signin link by email:
Note the persistence printed to console here is:
After pasting the redirect link and re-entering the email address on the test app, this code detects & applies the authentication:
and the
onAuthStateChanged()
handler:logs:
The text was updated successfully, but these errors were encountered: