Firebase Simple Login (Web) Overview

Firebase Simple Login is a built-in service that allows you to authenticate users using only client-side code. Enable authentication via a number of third-party providers, anonymous login, or email / password authentication without having to manually store authentication credentials or run a server.

To see an example of Firebase Simple Login in action, check out the demonstration at firebase.github.io/firebase-simple-login/.

Getting Started

You'll need to include the Firebase Simple Login, which you can do with the following script include:

<script type='text/javascript'
        src='https://cdn.firebase.com/js/simple-login/1.3.2/firebase-simple-login.js'>
</script>

Enter your Firebase URL in a browser to log in to Forge. Enable authentication methods and configure your login settings under the 'Auth' tab.

Note: Only domains that you whitelist are allowed to make requests to Firebase Simple Login for your application. For testing purposes, all Firebases have 'localhost' and '127.0.0.1' enabled by default. Configure more to enable access from domains where your application is hosted.

Monitoring User Authentication State

Before logging users in, instantiate the FirebaseSimpleLogin by passing a Firebase reference and a callback. This callback will be invoked any time that the user's authentication state changed:

var chatRef = new Firebase('https://<YOUR-FIREBASE>.firebaseio.com');
var auth = new FirebaseSimpleLogin(chatRef, function(error, user) {
  if (error) {
    // an error occurred while attempting login
    console.log(error);
  } else if (user) {
    // user authenticated with Firebase
    console.log('User ID: ' + user.uid + ', Provider: ' + user.provider);
  } else {
    // user is logged out
  }
});

Logging Users In

If a user is logged out, authenticate the user with the provider of your choice:

auth.login('<provider>');

The callback that you specified will be invoked with the result of this login attempt, including a user object on success, or an error otherwise. For more information on supported providers and provider-specific configuration:

Logging Users Out

By default, user sessions are expired after browser close. If you would like to explicitly log the user out and expire their session, use:

auth.logout();

Best Practices

Third-party authentication methods use a browser pop-up window to prompt the user to sign-in, approve the application, and return the user's data to the requesting application. Most modern browsers will block the opening of this pop-up window unless it was invoked by direct user action.

For that reason, we recommend that you only invoke the "login()" method for third-party authentication methods upon user click.

For a robust example of Firebase Simple Login in a production environment, showcasing both third-party authentication as well as manual token persistence, see the Firefeed repository on GitHub.

Error Handling in Firebase Simple Login

In Firebase Simple Login, the callback you specified during initialization is called any time the user's authentication state has changed, or an error has occurred in the authentication process.

In some cases, you may want to explicitly check for specific errors so that you can update your messaging to the user, or prompt the user to attempt to login again.

Error Format

All errors in Firebase Simple Login are JavaScript Error objects containing at least a code and message attributes. In some cases, additional information will be provided (see full error listing below). For example:

{
  code: 'INVALID_PASSWORD',
  message: 'The specified password is incorrect.'
}

Checking Specific Errors

It is recommended that you pick a subset of errors that might impact your application, and look for only that subset specifically.

For example, if you are using email / password authentication, you might look for the following:

var chatRef = new Firebase('https://<YOUR-FIREBASE>.firebaseio.com');
var auth = new FirebaseSimpleLogin(chatRef, function(error, user) {
  if (error) {
    // an error occurred while attempting login
    switch(error.code) {
      case 'INVALID_EMAIL':
      case 'INVALID_PASSWORD':
      default:
    }
  } else if (user) {
    // user authenticated with Firebase
    console.log('User ID: ' + user.uid + ', Provider: ' + user.provider);
  } else {
    // user is logged out
  }
});

Full Error Listing

All Simple Login error IDs, and some explanation, are listed below. This page will be updated as errors are added or modified.

Error Code Description
AUTHENTICATION_DISABLED The specified authentication type is not enabled for this Firebase.
EMAIL_TAKEN The specified email address is already in use.
INVALID_EMAIL The specified email address is incorrect.
INVALID_FIREBASE Invalid Firebase specified.
INVALID_ORIGIN Unauthorized request origin, please check application configuration.
INVALID_PASSWORD The specified password is incorrect.
INVALID_USER The specified user does not exist.
UNKNOWN_ERROR An unknown error occurred. Please contact support@firebase.com.
USER_DENIED User denied authentication request.

Have a suggestion to improve the documentation on this page? Tell us!