@react-native-firebase/auth 22.1.0 → 22.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/CHANGELOG.md +7 -0
  2. package/lib/index.d.ts +28 -9
  3. package/lib/modular/index.d.ts +1 -0
  4. package/lib/version.js +1 -1
  5. package/package.json +3 -3
  6. package/plugin/build/ios/openUrlFix.js +1 -1
  7. package/plugin/src/ios/openUrlFix.ts +1 -1
package/CHANGELOG.md CHANGED
@@ -3,6 +3,13 @@
3
3
  All notable changes to this project will be documented in this file.
4
4
  See [Conventional Commits](https://conventionalcommits.org) for commit guidelines.
5
5
 
6
+ ## [22.2.0](https://github.com/invertase/react-native-firebase/compare/v22.1.0...v22.2.0) (2025-05-12)
7
+
8
+ ### Bug Fixes
9
+
10
+ - **auth, expo:** lowercase `String?` in swift using `.lowercased()` ([af435e8](https://github.com/invertase/react-native-firebase/commit/af435e8b8bc84a98e4fab336ade6952178c7f6f8))
11
+ - **auth:** missing PhoneMultiFactorGenerator export ([aaaec03](https://github.com/invertase/react-native-firebase/commit/aaaec03bba10c68d0f700b6c4b26a17c467f71bb))
12
+
6
13
  ## [22.1.0](https://github.com/invertase/react-native-firebase/compare/v22.0.0...v22.1.0) (2025-04-30)
7
14
 
8
15
  ### Features
package/lib/index.d.ts CHANGED
@@ -1806,17 +1806,27 @@ export namespace FirebaseAuthTypes {
1806
1806
  /**
1807
1807
  * Signs a user in with an email and password.
1808
1808
  *
1809
+ * ⚠️ Note:
1810
+ * If "Email Enumeration Protection" is enabled in your Firebase Authentication settings (enabled by default),
1811
+ * Firebase may return a generic `auth/invalid-login-credentials` error instead of more specific ones like
1812
+ * `auth/user-not-found` or `auth/wrong-password`. This behavior is intended to prevent leaking information
1813
+ * about whether an account with the given email exists.
1814
+ *
1815
+ * To receive detailed error codes, you must disable "Email Enumeration Protection", which may increase
1816
+ * security risks if not properly handled on the frontend.
1817
+ *
1809
1818
  * #### Example
1810
1819
  *
1811
1820
  * ```js
1812
1821
  * const userCredential = await firebase.auth().signInWithEmailAndPassword('joe.bloggs@example.com', '123456');
1813
- * ````
1822
+ * ```
1823
+ *
1814
1824
  * @error auth/invalid-email Thrown if the email address is not valid.
1815
1825
  * @error auth/user-disabled Thrown if the user corresponding to the given email has been disabled.
1816
- * @error auth/user-not-found Thrown if there is no user corresponding to the given email.
1817
- * @error auth/wrong-password Thrown if the password is invalid for the given email, or the account corresponding to the email does not have a password set.
1818
- * @param email The users email address.
1819
- * @param password The users password.
1826
+ * @error auth/user-not-found Thrown if there is no user corresponding to the given email. (May be suppressed if email enumeration protection is enabled.)
1827
+ * @error auth/wrong-password Thrown if the password is invalid or missing. (May be suppressed if email enumeration protection is enabled.)
1828
+ * @param email The user's email address.
1829
+ * @param password The user's password.
1820
1830
  */
1821
1831
  signInWithEmailAndPassword(email: string, password: string): Promise<UserCredential>;
1822
1832
 
@@ -2096,18 +2106,27 @@ export namespace FirebaseAuthTypes {
2096
2106
  /**
2097
2107
  * Returns a list of authentication methods that can be used to sign in a given user (identified by its main email address).
2098
2108
  *
2109
+ * ⚠️ Note:
2110
+ * If "Email Enumeration Protection" is enabled in your Firebase Authentication settings (which is the default),
2111
+ * this method may return an empty array even if the email is registered, especially when called from an unauthenticated context.
2112
+ *
2113
+ * This is a security measure to prevent leaking account existence via email enumeration attacks.
2114
+ * Do not use the result of this method to directly inform the user whether an email is registered.
2115
+ *
2099
2116
  * #### Example
2100
2117
  *
2101
2118
  * ```js
2102
2119
  * const methods = await firebase.auth().fetchSignInMethodsForEmail('joe.bloggs@example.com');
2103
2120
  *
2104
- * methods.forEach((method) => {
2105
- * console.log(method);
2106
- * });
2121
+ * if (methods.length > 0) {
2122
+ * // Likely a registered user — offer sign-in
2123
+ * } else {
2124
+ * // Could be unregistered OR email enumeration protection is active — offer registration
2125
+ * }
2107
2126
  * ```
2108
2127
  *
2109
2128
  * @error auth/invalid-email Thrown if the email address is not valid.
2110
- * @param email The users email address.
2129
+ * @param email The user's email address.
2111
2130
  */
2112
2131
  fetchSignInMethodsForEmail(email: string): Promise<string[]>;
2113
2132
 
package/lib/modular/index.d.ts CHANGED
@@ -779,5 +779,6 @@ export {
779
779
  OAuthProvider,
780
780
  OIDCAuthProvider,
781
781
  PhoneAuthProvider,
782
+ PhoneMultiFactorGenerator,
782
783
  TwitterAuthProvider,
783
784
  } from '../index';
package/lib/version.js CHANGED
@@ -1,2 +1,2 @@
1
1
  // Generated by genversion.
2
- module.exports = '22.1.0';
2
+ module.exports = '22.2.0';
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@react-native-firebase/auth",
3
- "version": "22.1.0",
3
+ "version": "22.2.0",
4
4
  "author": "Invertase <oss@invertase.io> (http://invertase.io)",
5
5
  "description": "React Native Firebase - The authentication module provides an easy-to-use API to integrate an authentication workflow into new and existing applications. React Native Firebase provides access to all Firebase authentication methods and identity providers.",
6
6
  "main": "lib/index.js",
@@ -27,7 +27,7 @@
27
27
  "plist": "^3.1.0"
28
28
  },
29
29
  "peerDependencies": {
30
- "@react-native-firebase/app": "22.1.0",
30
+ "@react-native-firebase/app": "22.2.0",
31
31
  "expo": ">=47.0.0"
32
32
  },
33
33
  "devDependencies": {
@@ -43,5 +43,5 @@
43
43
  "access": "public",
44
44
  "provenance": true
45
45
  },
46
- "gitHead": "af6096ed9df878f0f169e899564b0aab68d396e5"
46
+ "gitHead": "b302210509ceac8078b5fb9fd0b24e68f0641c6a"
47
47
  }
package/plugin/build/ios/openUrlFix.js CHANGED
@@ -126,7 +126,7 @@ function modifyObjcAppDelegate(contents) {
126
126
  // NOTE: `mergeContents()` doesn't support newlines for the `anchor` regex, so we have to replace it manually
127
127
  const skipOpenUrlForFirebaseAuthBlockSwift = `\
128
128
  // @generated begin @react-native-firebase/auth-openURL - expo prebuild (DO NOT MODIFY)
129
- if url.host.toLowerCase() == "firebaseauth" {
129
+ if url.host?.lowercased() == "firebaseauth" {
130
130
  // invocations for Firebase Auth are handled elsewhere and should not be forwarded to Expo Router
131
131
  return false
132
132
  }
package/plugin/src/ios/openUrlFix.ts CHANGED
@@ -155,7 +155,7 @@ export function modifyObjcAppDelegate(contents: string): string | null {
155
155
  // NOTE: `mergeContents()` doesn't support newlines for the `anchor` regex, so we have to replace it manually
156
156
  const skipOpenUrlForFirebaseAuthBlockSwift: string = `\
157
157
  // @generated begin @react-native-firebase/auth-openURL - expo prebuild (DO NOT MODIFY)
158
- if url.host.toLowerCase() == "firebaseauth" {
158
+ if url.host?.lowercased() == "firebaseauth" {
159
159
  // invocations for Firebase Auth are handled elsewhere and should not be forwarded to Expo Router
160
160
  return false
161
161
  }