Custom Firebase Authentication with Username and Password

Question

I'm writing an Android app, where the authentication needs to be performed with username and password (on the logIn part) and email, password and username (on the Register part). The username and the email need to be unique.

I've followed this link where Firebase tells us how to sign in user with custom token, generated by our own backend(in my case Spring Boot), but this is only for signing in.

How the registration part needs to be handled?

When the user registers, I need to check and save the data from the backend into Firebase, return the token and sign in with this token, or?

Answer 1

When using a custom authentication provider to sign in to Firebase, it's your own provider that handles the registration of the users. Firebase Authentication in this scenario doesn't maintain any information for the user.

So you will need to store your own database of user names, (hashed) passwords, and other data that you maintain. You can of course use one of Firebase's databases (Firestore or Realtime Database) for that purpose, but Firebase Authentication will not know of that.

For an example of a username + password provider, see this repo: https://github.com/firebase/functions-samples/tree/master/username-password-auth

---

As a different approach you could also use the existing email+password provider of Firebase, and add a user name requirement on top of that. Here too you'd store the user name in an external database, as Firebase Authentication won't know anything about it.

This is a more common approach, and you can find out a lot more about what folks have done there by looking at questions around storing a unique user name.