Changes
- All deprecated methods and classes have been removed.
Kreait\Firebase\Auth\User
has been replaced withKreait\Firebase\Auth\UserRecord
- All methods that required an instance of
User
now accept UIDs only. - Added methods
Kreait\Firebase\Auth::getUserByEmail(string $email)
- Removed methods
Kreait\Firebase\Auth::getUserByEmailAndPassword()
Kreait\Firebase\Auth::getUserInfo()
Authentication overrides
Since 4.0, defining authentication overrides is only possible when creating a new Firebase
instance via
the factory (see Authenticate with limited privileges). Thus, the following methods have been removed:
Kreait\Firebase::asUser()
Kreait\Firebase::asUserWithClaims()
Kreait\Firebase\Database::withCustomAuth()
Kreait\Firebase\Database\ApiClient::withCustomAuth()
Token generation and verification
The SDK now makes full use of the kreait/firebase-tokens library and
throws its exceptions when an ID token is considered invalid.
Also, the option to specify a custom expiration time when creating custom tokens has been removed.
Following the official Firebase SDKs, the lifetime of a custom token is one hour.
Added documentation: (Troubleshooting: ID Tokens are issued in the future)