npm - @umituz/react-native-firebase - Versions diffs - 1.13.2 → 1.13.4 - Mend

@umituz/react-native-firebase 1.13.2 → 1.13.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (44) hide show

package/src/auth/infrastructure/services/auth-utils.service.ts ADDED Viewed

@@ -0,0 +1,168 @@
+/**
+ * Auth Utils Service
+ * Single Responsibility: Provide utility functions for auth state checking
+ *
+ * SOLID: Single Responsibility - Only handles auth state utilities
+ */
+import type { Auth, User } from 'firebase/auth';
+import { getFirebaseAuth } from '../config/FirebaseAuthClient';
+/**
+ * Check if user is anonymous
+ */
+function isAnonymousUser(user: User): boolean {
+  return user.isAnonymous === true;
+}
+/**
+ * Auth check result interface
+ */
+export interface AuthCheckResult {
+  isAuthenticated: boolean;
+  isAnonymous: boolean;
+  isGuest: boolean;
+  currentUser: User | null;
+  userId: string | null;
+}
+/**
+ * Check authentication state
+ * Returns comprehensive auth state information
+ */
+export function checkAuthState(auth: Auth | null): AuthCheckResult {
+  if (!auth) {
+    return {
+      isAuthenticated: false,
+      isAnonymous: false,
+      isGuest: false,
+      currentUser: null,
+      userId: null,
+    };
+  }
+  const currentUser = auth.currentUser;
+  if (!currentUser) {
+    return {
+      isAuthenticated: false,
+      isAnonymous: false,
+      isGuest: false,
+      currentUser: null,
+      userId: null,
+    };
+  }
+  const anonymous = isAnonymousUser(currentUser);
+  return {
+    isAuthenticated: true,
+    isAnonymous: anonymous,
+    isGuest: anonymous,
+    currentUser,
+    userId: currentUser.uid,
+  };
+}
+/**
+ * Check if user is authenticated (including anonymous)
+ */
+export function isAuthenticated(auth: Auth | null): boolean {
+  return checkAuthState(auth).isAuthenticated;
+}
+/**
+ * Check if user is guest (anonymous)
+ */
+export function isGuest(auth: Auth | null): boolean {
+  return checkAuthState(auth).isGuest;
+}
+/**
+ * Get current user ID (null if not authenticated)
+ */
+export function getCurrentUserId(auth: Auth | null): string | null {
+  return checkAuthState(auth).userId;
+}
+/**
+ * Get current user (null if not authenticated)
+ */
+export function getCurrentUser(auth: Auth | null): User | null {
+  return checkAuthState(auth).currentUser;
+}
+/**
+ * Get current authenticated user ID from global auth instance
+ * Convenience function that uses getFirebaseAuth()
+ */
+export function getCurrentUserIdFromGlobal(): string | null {
+  const auth = getFirebaseAuth();
+  return getCurrentUserId(auth);
+}
+/**
+ * Get current user from global auth instance
+ * Convenience function that uses getFirebaseAuth()
+ */
+export function getCurrentUserFromGlobal(): User | null {
+  const auth = getFirebaseAuth();
+  return getCurrentUser(auth);
+}
+/**
+ * Check if current user is authenticated (including anonymous)
+ * Convenience function that uses getFirebaseAuth()
+ */
+export function isCurrentUserAuthenticated(): boolean {
+  const auth = getFirebaseAuth();
+  return isAuthenticated(auth);
+}
+/**
+ * Check if current user is guest (anonymous)
+ * Convenience function that uses getFirebaseAuth()
+ */
+export function isCurrentUserGuest(): boolean {
+  const auth = getFirebaseAuth();
+  return isGuest(auth);
+}
+/**
+ * Verify userId matches current authenticated user
+ */
+export function verifyUserId(auth: Auth | null, userId: string): boolean {
+  if (!auth || !userId) {
+    return false;
+  }
+  try {
+    const state = checkAuthState(auth);
+    return state.isAuthenticated && state.userId === userId;
+  } catch {
+    return false;
+  }
+}
+/**
+ * Get safe user ID (null if not authenticated)
+ */
+export function getSafeUserId(auth: Auth | null): string | null {
+  if (!auth) {
+    return null;
+  }
+  try {
+    return getCurrentUserId(auth);
+  } catch {
+    return null;
+  }
+}
+/**
+ * Check if user exists and is valid
+ */
+export function isValidUser(user: User | null | undefined): user is User {
+  return user !== null && user !== undefined && typeof user.uid === 'string' && user.uid.length > 0;
+}

package/src/auth/infrastructure/services/firestore-utils.service.ts ADDED Viewed

@@ -0,0 +1,155 @@
+/**
+ * Firestore Utilities
+ * Centralized utilities for Firestore operations with anonymous user support
+ */
+import type { Auth } from "firebase/auth";
+import { checkAuthState, verifyUserId } from "./auth-utils.service";
+declare const __DEV__: boolean;
+export interface FirestoreQueryOptions {
+  /**
+   * Skip query if user is anonymous/guest
+   * Default: true (guest users don't have Firestore data)
+   */
+  readonly skipForGuest?: boolean;
+  /**
+   * Skip query if user is not authenticated
+   * Default: true
+   */
+  readonly skipIfNotAuthenticated?: boolean;
+  /**
+   * Verify userId matches current user
+   * Default: true
+   */
+  readonly verifyUserId?: boolean;
+  /**
+   * User ID to verify (required if verifyUserId is true)
+   */
+  readonly userId?: string;
+}
+export type FirestoreQuerySkipReason =
+  | "not_authenticated"
+  | "is_guest"
+  | "user_id_mismatch"
+  | "no_auth"
+  | "invalid_options";
+export interface FirestoreQueryResult {
+  readonly shouldSkip: boolean;
+  readonly reason?: FirestoreQuerySkipReason;
+  readonly userId: string | null;
+  readonly isGuest: boolean;
+  readonly isAuthenticated: boolean;
+}
+/**
+ * Check if Firestore query should be skipped
+ * Centralized logic for all Firestore operations
+ */
+export function shouldSkipFirestoreQuery(
+  auth: Auth | null,
+  options: FirestoreQueryOptions = {},
+): FirestoreQueryResult {
+  const {
+    skipForGuest = true,
+    skipIfNotAuthenticated = true,
+    verifyUserId: shouldVerify = true,
+    userId,
+  } = options;
+  try {
+    // No auth available
+    if (!auth) {
+      return {
+        shouldSkip: true,
+        reason: "no_auth",
+        userId: null,
+        isGuest: false,
+        isAuthenticated: false,
+      };
+    }
+    // Check auth state
+    const authState = checkAuthState(auth);
+    // Not authenticated
+    if (!authState.isAuthenticated) {
+      if (skipIfNotAuthenticated) {
+        return {
+          shouldSkip: true,
+          reason: "not_authenticated",
+          userId: null,
+          isGuest: false,
+          isAuthenticated: false,
+        };
+      }
+    }
+    // Guest/anonymous user
+    if (authState.isGuest) {
+      if (skipForGuest) {
+        return {
+          shouldSkip: true,
+          reason: "is_guest",
+          userId: authState.userId,
+          isGuest: true,
+          isAuthenticated: false,
+        };
+      }
+    }
+    // Verify userId if provided
+    if (shouldVerify && userId) {
+      if (!verifyUserId(auth, userId)) {
+        return {
+          shouldSkip: true,
+          reason: "user_id_mismatch",
+          userId: authState.userId,
+          isGuest: authState.isGuest,
+          isAuthenticated: authState.isAuthenticated,
+        };
+      }
+    }
+    // Don't skip
+    return {
+      shouldSkip: false,
+      userId: authState.userId,
+      isGuest: authState.isGuest,
+      isAuthenticated: authState.isAuthenticated,
+    };
+  } catch (error) {
+    if (typeof __DEV__ !== "undefined" && __DEV__) {
+      // eslint-disable-next-line no-console
+      console.error("[FirestoreUtils] Error checking if query should be skipped", error);
+    }
+    return {
+      shouldSkip: true,
+      reason: "invalid_options",
+      userId: null,
+      isGuest: false,
+      isAuthenticated: false,
+    };
+  }
+}
+/**
+ * Create safe query options with defaults
+ */
+export function createFirestoreQueryOptions(
+  options: Partial<FirestoreQueryOptions> = {},
+): FirestoreQueryOptions {
+  return {
+    skipForGuest: options.skipForGuest ?? true,
+    skipIfNotAuthenticated: options.skipIfNotAuthenticated ?? true,
+    verifyUserId: options.verifyUserId ?? true,
+    userId: options.userId,
+  };
+}

package/src/auth/infrastructure/services/google-auth.service.ts ADDED Viewed

@@ -0,0 +1,100 @@
+/**
+ * Google Auth Service
+ * Handles Google Sign-In with Firebase Authentication
+ * Uses expo-auth-session for OAuth flow
+ */
+import {
+  GoogleAuthProvider,
+  signInWithCredential,
+  type Auth,
+  type UserCredential,
+} from "firebase/auth";
+/**
+ * Google Auth configuration
+ */
+export interface GoogleAuthConfig {
+  webClientId?: string;
+  iosClientId?: string;
+  androidClientId?: string;
+}
+/**
+ * Google Auth result
+ */
+export interface GoogleAuthResult {
+  success: boolean;
+  userCredential?: UserCredential;
+  error?: string;
+  isNewUser?: boolean;
+}
+/**
+ * Google Auth Service
+ * Provides Google Sign-In functionality for Firebase
+ */
+export class GoogleAuthService {
+  private config: GoogleAuthConfig | null = null;
+  /**
+   * Configure Google Auth with client IDs
+   */
+  configure(config: GoogleAuthConfig): void {
+    this.config = config;
+  }
+  /**
+   * Check if Google Auth is configured
+   */
+  isConfigured(): boolean {
+    return (
+      this.config !== null &&
+      (!!this.config.webClientId ||
+        !!this.config.iosClientId ||
+        !!this.config.androidClientId)
+    );
+  }
+  /**
+   * Get the current configuration
+   */
+  getConfig(): GoogleAuthConfig | null {
+    return this.config;
+  }
+  /**
+   * Sign in with Google ID token
+   * Called after successful Google OAuth flow
+   */
+  async signInWithIdToken(
+    auth: Auth,
+    idToken: string,
+  ): Promise<GoogleAuthResult> {
+    try {
+      const credential = GoogleAuthProvider.credential(idToken);
+      const userCredential = await signInWithCredential(auth, credential);
+      // Check if this is a new user
+      const isNewUser =
+        userCredential.user.metadata.creationTime ===
+        userCredential.user.metadata.lastSignInTime;
+      return {
+        success: true,
+        userCredential,
+        isNewUser,
+      };
+    } catch (error) {
+      return {
+        success: false,
+        error: error instanceof Error ? error.message : "Google sign-in failed",
+      };
+    }
+  }
+}
+/**
+ * Singleton instance
+ */
+export const googleAuthService = new GoogleAuthService();

package/src/auth/infrastructure/services/reauthentication.service.ts ADDED Viewed

@@ -0,0 +1,216 @@
+/**
+ * Reauthentication Service
+ * Handles Firebase Auth reauthentication for sensitive operations
+ *
+ * SOLID: Single Responsibility - Only handles reauthentication
+ */
+import {
+  reauthenticateWithCredential,
+  GoogleAuthProvider,
+  OAuthProvider,
+  type User,
+  type AuthCredential,
+} from "firebase/auth";
+import * as AppleAuthentication from "expo-apple-authentication";
+import * as Crypto from "expo-crypto";
+import { Platform } from "react-native";
+export interface ReauthenticationResult {
+  success: boolean;
+  error?: {
+    code: string;
+    message: string;
+  };
+}
+export type AuthProviderType = "google.com" | "apple.com" | "password" | "anonymous" | "unknown";
+/**
+ * Get the primary auth provider for a user
+ */
+export function getUserAuthProvider(user: User): AuthProviderType {
+  if (user.isAnonymous) {
+    return "anonymous";
+  }
+  const providerData = user.providerData;
+  if (!providerData || providerData.length === 0) {
+    return "unknown";
+  }
+  // Check for Google
+  const googleProvider = providerData.find((p) => p.providerId === "google.com");
+  if (googleProvider) {
+    return "google.com";
+  }
+  // Check for Apple
+  const appleProvider = providerData.find((p) => p.providerId === "apple.com");
+  if (appleProvider) {
+    return "apple.com";
+  }
+  // Check for password
+  const passwordProvider = providerData.find((p) => p.providerId === "password");
+  if (passwordProvider) {
+    return "password";
+  }
+  return "unknown";
+}
+/**
+ * Reauthenticate with Google
+ */
+export async function reauthenticateWithGoogle(
+  user: User,
+  idToken: string
+): Promise<ReauthenticationResult> {
+  try {
+    const credential = GoogleAuthProvider.credential(idToken);
+    await reauthenticateWithCredential(user, credential);
+    return { success: true };
+  } catch (error) {
+    const firebaseError = error as { code?: string; message?: string };
+    return {
+      success: false,
+      error: {
+        code: firebaseError.code || "auth/reauthentication-failed",
+        message: firebaseError.message || "Google reauthentication failed",
+      },
+    };
+  }
+}
+/**
+ * Generate a random nonce for Apple Sign-In security
+ */
+async function generateNonce(length: number = 32): Promise<string> {
+  const randomBytes = await Crypto.getRandomBytesAsync(length);
+  const chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
+  let result = "";
+  for (let i = 0; i < randomBytes.length; i++) {
+    result += chars.charAt(randomBytes[i] % chars.length);
+  }
+  return result;
+}
+/**
+ * Reauthenticate with Apple
+ * Returns the credential that can be used for reauthentication
+ */
+export async function getAppleReauthCredential(): Promise<{
+  success: boolean;
+  credential?: AuthCredential;
+  error?: { code: string; message: string };
+}> {
+  if (Platform.OS !== "ios") {
+    return {
+      success: false,
+      error: {
+        code: "auth/platform-not-supported",
+        message: "Apple Sign-In is only available on iOS",
+      },
+    };
+  }
+  try {
+    const isAvailable = await AppleAuthentication.isAvailableAsync();
+    if (!isAvailable) {
+      return {
+        success: false,
+        error: {
+          code: "auth/apple-signin-unavailable",
+          message: "Apple Sign-In is not available on this device",
+        },
+      };
+    }
+    // Generate nonce
+    const nonce = await generateNonce();
+    const hashedNonce = await Crypto.digestStringAsync(
+      Crypto.CryptoDigestAlgorithm.SHA256,
+      nonce
+    );
+    // Request Apple Sign-In
+    const appleCredential = await AppleAuthentication.signInAsync({
+      requestedScopes: [
+        AppleAuthentication.AppleAuthenticationScope.FULL_NAME,
+        AppleAuthentication.AppleAuthenticationScope.EMAIL,
+      ],
+      nonce: hashedNonce,
+    });
+    if (!appleCredential.identityToken) {
+      return {
+        success: false,
+        error: {
+          code: "auth/no-identity-token",
+          message: "No identity token received from Apple",
+        },
+      };
+    }
+    // Create Firebase credential
+    const provider = new OAuthProvider("apple.com");
+    const credential = provider.credential({
+      idToken: appleCredential.identityToken,
+      rawNonce: nonce,
+    });
+    return { success: true, credential };
+  } catch (error) {
+    if (error instanceof Error && error.message.includes("ERR_CANCELED")) {
+      return {
+        success: false,
+        error: {
+          code: "auth/cancelled",
+          message: "Apple Sign-In was cancelled",
+        },
+      };
+    }
+    return {
+      success: false,
+      error: {
+        code: "auth/apple-reauthentication-failed",
+        message: error instanceof Error ? error.message : "Apple reauthentication failed",
+      },
+    };
+  }
+}
+/**
+ * Reauthenticate with Apple
+ */
+export async function reauthenticateWithApple(user: User): Promise<ReauthenticationResult> {
+  const result = await getAppleReauthCredential();
+  if (!result.success || !result.credential) {
+    return {
+      success: false,
+      error: result.error || {
+        code: "auth/no-credential",
+        message: "Failed to get Apple credential",
+      },
+    };
+  }
+  try {
+    await reauthenticateWithCredential(user, result.credential);
+    return { success: true };
+  } catch (error) {
+    const firebaseError = error as { code?: string; message?: string };
+    return {
+      success: false,
+      error: {
+        code: firebaseError.code || "auth/reauthentication-failed",
+        message: firebaseError.message || "Apple reauthentication failed",
+      },
+    };
+  }
+}