You can use Firebase Authentication to let your users authenticate with
Firebase using email addresses and passwords.
Before you begin
If you haven't already, follow the steps in the
Get started
guide.
Enable Email/Password sign-in:
- In the Firebase console's
Authentication
section, open the
Sign in method
page.
- From the
Sign in method
page, enable the
Email/password sign-in
method and click
Save
.
Create a password-based account
To create a new user account with a password, call the
createUserWithEmailAndPassword()
method:
try {
final credential = await FirebaseAuth.instance.createUserWithEmailAndPassword(
email: emailAddress,
password: password,
);
} on FirebaseAuthException catch (e) {
if (e.code == 'weak-password') {
print('The password provided is too weak.');
} else if (e.code == 'email-already-in-use') {
print('The account already exists for that email.');
}
} catch (e) {
print(e);
}
Typically, you would do this from your app's sign-up screen. When a new user
signs up using your app's sign-up form, complete any new account validation
steps that your app requires, such as verifying that the new account's password
was correctly typed and meets your complexity requirements.
If the new account was created successfully, the user is also signed in. If you
are listening to changes in
authentication state
, a new
event will be sent to your listeners.
As a follow-up to creating a new account, you can
Verify the user's email address
.
Sign in a user with an email address and password
The steps for signing in a user with a password are similar to the steps for
creating a new account. From your your app's sign-in screen, call
signInWithEmailAndPassword()
:
try {
final credential = await FirebaseAuth.instance.signInWithEmailAndPassword(
email: emailAddress,
password: password
);
} on FirebaseAuthException catch (e) {
if (e.code == 'user-not-found') {
print('No user found for that email.');
} else if (e.code == 'wrong-password') {
print('Wrong password provided for that user.');
}
}
Next steps
After a user creates a new account, this account is stored as part of your
Firebase project, and can be used to identify a user across every app in your
project, regardless of what sign-in method the user used.
In your apps, you can get the user's basic profile information from the
User
object. See
Manage Users
.
In your Firebase Realtime Database and Cloud Storage Security Rules, you can
get the signed-in user's unique user ID from the
auth
variable, and use it to
control what data a user can access.
You can allow users to sign in to your app using multiple authentication
providers by
linking auth provider credentials
) to an
existing user account.
To sign out a user, call
signOut()
:
await FirebaseAuth.instance.signOut();