Check if User is Anonymous in Firestore Cloud Function

Question

When a user is authenticated I trigger a cloud Firestore Cloud Function below;

const functions = require('firebase-functions');
const admin = require('firebase-admin');
admin.initializeApp(functions.config().firebase)

exports.createUserAccount = functions.auth.user().onCreate((user) => {
    const uid = user.uid
    const firstName = user.firstName
    const familyName = user.familyName
    const displayName = user.displayName
    const email = user.email
    const photoURL = user.photoURL

    const newUser = admin.firestore().doc(`/users/${uid}`)

    return newUser.set({
        firstName: firstName,
        familyName: familyName,
        displayName: displayName,
        email: email,
        photoURL: photoURL,
    })
}) 

I run into an issue when a user is logged in anonymously. I have tried adding a const isAnonymous = user.isAnonymous and then returning it under;

return newUser.set({
    isAnonymous: isAnonymous,

ERROR LOG IN CONSOLE

Error: Value for argument "data" is not a valid Firestore document. Cannot use "undefined" as a Firestore value (found in field isAnonymous).

My question is how do I check if the user is anonymously logged in or not through a Firebase Cloud Function?

Answer 1

As far as I know there is no direct API for checking if a user is anonymous using the firebase admin sdk. By checking that a user has been active and don't have any connected login providers I believe it should work however.

const user = await admin.auth().getUser('Bp7DmEl5HKcDKrQr7QFVnQXS8FH1')
const hasBeenActive = user.metadata.lastSignInTime != null
const hasProviders = user.providerData.length > 0
const isAnonymous = hasBeenActive && !hasProviders

Note that the reason for the active check is to filter out users who are created manually using either the firebase console or with the admin sdk. Depending on your use case you might want to consider them anonymous as well.

Answer 2

As long as you are using email-based authentication (email+pass & OAuth) then you can simply check

if (user.email !== null){ 
  // Run this code if the user is not anonymous
}

Docs

Answer 3

The UserRecord object delivered to your auth function will never have an isAnonymous property on it. That's why it's always taking the value undefined. Check the link to the API documentation to see what's there. I'm not sure how you came to the conclusion that it should be there.

Each authentication provider that has verified an account is present in the providerData array property of the UserRecord object. You should look through that array to check if it's an anonymous account. Specifically, you should be checking the providerId field of each UserInfo object in the providerData array. I'm not 100% certain if this is the correct approach, but from what I'm observing, an anonymous account will have an empty providerData array, since it's not been verified by any auth providers.