Skip to main content

Authenticate with Firebase using Password-Based Accounts on Flutter

Notice

This page is archived and might not reflect the latest version of the FlutterFire plugins. You can find the latest information on firebase.google.com:

https://firebase.google.com/docs/auth/flutter/password-auth

You can use Firebase Authentication to let your users authenticate with Firebase using email addresses and passwords.

Before you begin#

  1. If you haven't already, follow the steps in the Get started guide.

  2. Enable Email/Password sign-in:

    • In the Firebase console's Authentication section, open the Sign in method page.
    • From the Sign in method page, enable the Email/password sign-in method and click Save.

Create a password-based account#

To create a new user account with a password, call the createUserWithEmailAndPassword() method:

try {
final credential = await FirebaseAuth.instance.createUserWithEmailAndPassword(
email: emailAddress,
password: password,
);
} on FirebaseAuthException catch (e) {
if (e.code == 'weak-password') {
print('The password provided is too weak.');
} else if (e.code == 'email-already-in-use') {
print('The account already exists for that email.');
}
} catch (e) {
print(e);
}

Typically, you would do this from your app's sign-up screen. When a new user signs up using your app's sign-up form, complete any new account validation steps that your app requires, such as verifying that the new account's password was correctly typed and meets your complexity requirements.

If the new account was created successfully, the user is also signed in. If you are listening to changes in authentication state, a new event will be sent to your listeners.

As a follow-up to creating a new account, you can Verify the user's email address.

note

To protect your project from abuse, Firebase limits the number of new email/password and anonymous sign-ups that your application can have from the same IP address in a short period of time. You can request and schedule temporary changes to this quota from the Firebase console.

Sign in a user with an email address and password#

The steps for signing in a user with a password are similar to the steps for creating a new account. From your your app's sign-in screen, call signInWithEmailAndPassword():

try {
final credential = await FirebaseAuth.instance.signInWithEmailAndPassword(
email: emailAddress,
password: password
);
} on FirebaseAuthException catch (e) {
if (e.code == 'user-not-found') {
print('No user found for that email.');
} else if (e.code == 'wrong-password') {
print('Wrong password provided for that user.');
}
}
caution

When a user uninstalls your app on iOS or macOS, the user's authentication state can persist between app re-installs, as the Firebase iOS SDK persists authentication state to the system keychain. See issue #4661 for more information.

Next steps#

After a user creates a new account, this account is stored as part of your Firebase project, and can be used to identify a user across every app in your project, regardless of what sign-in method the user used.

In your apps, you can get the user's basic profile information from the User object. See Manage Users.

In your Firebase Realtime Database and Cloud Storage Security Rules, you can get the signed-in user's unique user ID from the auth variable, and use it to control what data a user can access.

You can allow users to sign in to your app using multiple authentication providers by linking auth provider credentials) to an existing user account.

To sign out a user, call signOut():

await FirebaseAuth.instance.signOut();
Edit this page