docs/auth/manage-users.md
Project: /docs/_project.yaml Book: /docs/_book.yaml
<link rel="stylesheet" type="text/css" href="/styles/docs.css" />You create a new user in your Firebase project in four ways:
createUserWithEmailAndPassword() method.You can also create new password-authenticated users from the Authentication section of the Firebase console, on the Users page.
To get a user's profile information, use the properties of User. There are
three ways to get a User object representing the current user:
The authStateChanges, idTokenChanges and userChanges streams: your
listeners will receive the current User, or null if no user is
authenticated:
FirebaseAuth.instance
.authStateChanges()
.listen((User? user) {
if (user != null) {
print(user.uid);
}
});
When the app starts, an event fires after the user credentials (if any) from local storage have been restored, meaning that your listeners always get called when the user state is initialized. Then, whenever the authentication state changes, a new event will be raised with the updated user state.
By listening to the authentication state, you can build a user interface that reacts to these changes in authentication state.
The UserCredential object returned by the authentication (signIn-)
methods: the UserCredential object has a user property with the current
User:
final userCredential =
await FirebaseAuth.instance.signInWithCredential(credential);
final user = userCredential.user;
print(user?.uid);
The currentUser property of the FirebaseAuth instance: if you are sure the
user is currently signed-in, you can access the User from the currentUser
property:
if (FirebaseAuth.instance.currentUser != null) {
print(FirebaseAuth.instance.currentUser?.uid);
}
The currentUser can be null for two reasons:
To get the profile information retrieved from the sign-in providers linked to a
user, use the providerData property. For example:
if (user != null) {
for (final providerProfile in user.providerData) {
// ID of the provider (google.com, apple.com, etc.)
final provider = providerProfile.providerId;
// UID specific to the provider
final uid = providerProfile.uid;
// Name, email address, and profile photo URL
final name = providerProfile.displayName;
final emailAddress = providerProfile.email;
final profilePhoto = providerProfile.photoURL;
}
}
You can update a user's basic profile information—the user's display name
and profile photo URL—with the update- methods. For example:
await user?.updateDisplayName("Jane Q. User");
await user?.updatePhotoURL("https://example.com/jane-q-user/profile.jpg");
You can set a user's email address with the verifyBeforeUpdateEmail() method. For example:
await user?.verifyBeforeUpdateEmail("[email protected]");
This method sends a verification email to the new address. The user's email will be updated only after they verify the new email address.
Note: To set a user's email address, the user must have signed in recently. See Re-authenticate a user.
You can send an address verification email to a user with the
sendEmailVerification() method. For example:
await user?.sendEmailVerification();
You can customize the email template that is used in Authentication section of the Firebase console, on the Email Templates page. See Email Templates in Firebase Help Center.
It is also possible to pass state via a continue URL to redirect back to the app when sending a verification email.
Additionally you can localize the verification email by updating the language code on the Auth instance before sending the email. For example:
await FirebaseAuth.instance.setLanguageCode("fr");
await user?.sendEmailVerification();
You can set a user's password with the updatePassword() method. For example:
await user?.updatePassword(newPassword);
Important: To set a user's email address, the user must have signed in recently. See Re-authenticate a user.
You can send a password reset email to a user with the sendPasswordResetEmail()
method. For example:
await FirebaseAuth.instance
.sendPasswordResetEmail(email: "[email protected]");
You can customize the email template that is used in Authentication section of the Firebase console, on the Email Templates page. See Email Templates in Firebase Help Center.
It is also possible to pass state via a continue URL to redirect back to the app when sending a password reset email.
Additionally you can localize the password reset email by updating the language code on the Auth instance before sending the email. For example:
await FirebaseAuth.instance.setLanguageCode("fr");
You can also send password reset emails from the Firebase console.
You can delete a user account with the delete() method. For example:
await user?.delete();
Important: To set a user's email address, the user must have signed in recently. See Re-authenticate a user.
You can also delete users from the Authentication section of the Firebase console, on the Users page.
Some security-sensitive actions—such as
deleting an account,
setting a primary email address, and
changing a password—require that the user has
recently signed in. If you perform one of these actions, and the user signed in
too long ago, the action fails and throws a FirebaseAuthException with the code
requires-recent-login.
When this happens, re-authenticate the user by getting new sign-in credentials
from the user and passing the credentials to reauthenticate. For example:
// Prompt the user to re-provide their sign-in credentials.
// Then, use the credentials to reauthenticate:
await user?.reauthenticateWithCredential(credential);
You can import user accounts from a file into your Firebase project by using the
Firebase CLI's auth:import command. For example:
firebase auth:import users.json --hash-algo=scrypt --rounds=8 --mem-cost=14