Hi Thunkers.
This uses the FirebaseUI in a webviewer and passes the JSON Stringified data through the Post Message method of the web viewer block. The HTML is hosted on Firebase Hosting to avoid complicated authentication SDKâs as we are calling the file from within our account.
Requires no difficult coding.
Uses Free Tier Firebase account.
Very Native feel in your Thunkable app.
Looking forward to gauging interest in producing an instructional video.
Yes!
update:
Google: wont work in web viewers.
Facebook: working very well.
Twitter: Waiting on Twitter review to test fully but looks good.
Email: Working very well
Phone/sms: Still testing but looks good.
Great Job !!!
So cool!
Am defiantly looking forward to see how this works!
As you instructed, I subscribed to your channel 
Update:
Google Login-in: I am working on a method to pass the data through firebase db so we can do this through the devices browser instead of web viewer. I am close and have a working model allbeit insecure at the moment.
Facebook: works a charm.
Twitter: works well but I need to be able to scope email addresses and I havenât yet sought permission for that.
Overall: Getting the user data uid, token, email, avatar etc is the easy part. The difficulty is then logging in with Thunkable because the Thunkable interface only has one option (email, password). The work around is to link the account to multiple auth methods. Fortunately Firebase makes this easy. soâŚ
Once we log the user in using Facebook, we get their email from the results object of the UI and after linking the account with the provided email and a known secure admin psuedo password, we return that to thunkable in a message . In thunkable on receipt of this message we programatically use the login block with this email and password. We are effectively logging in using both facebook and email. Its working well!!!
I am however today, exploring ways of keeping this known admin psuedo password safe and hidden in the html javascript environment and making it a known admin created password that we donât have to pass in a message. The password can be the same for all users as long as it remains secure and hidden. Anyone having a go at this may find the below function is the cracker. The below code uses the refresh token to create a user password (which should be long lived and is never known to the user) however I am looking for a more robust solution. We are very close guys. Alternatively, Thunkable COULD create a block to allow us to log in using the token itself regardless of the provider method used!!! I am determined to make this work securely.
function ProcessResults(result) {
let results = JSON.stringify(result)// User successfully signed in.
console.log(email: ${result.user.email}, uid: {result.user.uid})
let pw = result.user.refreshToken
pw = pw.slice(pw.length - 8, pw.length)//create a password as last 8 characters from the Refresh token
//First Time Signup:
if (result.additionalUserInfo.isNewUser === true) {//if Signup, Link Thunkable email login, create User database node and pass results to nodeJS
if (result.additionalUserInfo.providerId !== âpasswordâ) {//exclude email choice from trying to link. canât link email type accounts to email type account. We can use Thunkable directly for this.
var credential = firebase.auth.EmailAuthProvider.credential(result.user.email, pw);//this is what Thunkable will use to log in.
firebase.auth().currentUser.linkWithCredential(credential)
.then(function (usercred) {
var user = usercred.user;
console.log(âAccount linking successâ, user);
}).catch(function (error) {
console.log(âAccount linking errorâ, error);
});
}
else { ThunkableWebviewerExtension.postMessage(${result.user.uid},${result.user.email},password) }
firebase.database().ref(âusersâ).child(${result.user.uid}/LoginResults).set(results)
}
let user = firebase.auth().currentUser;
console.log(âupdate passwordâ)
user.updatePassword(pw).then(() => {
// Update successful.
}, (error) => {
console.error(error)
// An error happened.
});
console.log(pw)
Iâll start to tidy up this project and post a full solution soon. I may limit it to Facebook just to keep it relatively simple. We can go through the Google login in subsequent posts. Small wins keep me going 
THUNKABLE FACEBOOK LOGIN.
Tested working.
For Advanced Users that donât need my novice videos 
Note: if you follow the above method and host the html on firebase hosting, the script will configure the firebase javascript SDK when deployed and you WONâT have to configure the SDK yourself.
Thunkable Project : https://x.thunkable.com/projectPage/5f72895bf5591b3c6619c8e1
Working HTML file as TXT: https://firebasestorage.googleapis.com/v0/b/luco-ffeb6.appspot.com/o/Public_Files%2FFirebase_Facebook_Login.txt?alt=media&token=853e2fcf-034a-4336-ae74-eda11e78f345
Optional Database Rules
//begin
{
ârulesâ: {
âusersâ: {
â$user_idâ: {
â.writeâ: â$user_id === auth.uidâ,
â.readâ: â$user_id === auth.uidâ
},
/*âGoogle_loginsâ: {//not needed for now
â.readâ:true,
â.writeâ:true
}
*/
}
}
}
//end
Feel free to ask any questions.
EDIT:
HTML: Added div mutation observer and form event listeners to get the password and pass in message to Thunkable from the firebaseUI if the user selects email instead of facebook. We now donât have to prompt the user for their password in our app on signup. (Firebase does not release passwords in their object queries so this is sturdy a workaround. Updated Thunkable app accordingly.
Hi everyone,
I have had more than a few IMâs regarding this and other threads requesting full instructions. Please be aware that although I am happy to share and guide, most of the posts that I start including this one are not Code free and use Thunkable as a client side UI (user interface) only. I rely heavily on Javascript code and Server side Node JS functions.
I am happy to guide anyone that needs it but I make the following assumptions.:
I am happy to do:
What I wonât do:
What I invite: Collaboration and improvement to my methods and code.
Thanks guys.
I am close to posting a new thread on a âany filetypeâ device file picker that does NOT require Cloudinary. I have also managed to include thumbnails and file reductions using Javascript Canvas. It works awesomely with Thunkable but is not for the faint hearted or beginner. Will share soon. Happy Thunking.
Hello Eddie and thank you for sharing this. Itâs really wonderful. I was wondering if you can share some tips and instruction to how to do this with the Phone/SMS.
Thank you!
Hi @abdallask,
I havenât worked too much with phone/sms although I am certain it wouldnât be too different to what is explained here. The reason I didnât incorporate it is because there are extra charges involved and I wanted to keep everything I was sharing in the free tier bracket.
Unfortunately, my personal work load is over-stretched for the next few months so I wonât have time to address this.
I have now set up my own server with node js and php Google Auth so I will be doing much less with Firebase hosting (which doesnât require auth sdk).
I have also finalised the non-cloudinary file picker so those that are advanced users and wish to have a go can IM me.
Hello Eddie,
Were you able to solve the issue with Google sign-in. It seems you were close to.
Many thanks
Regards
Alexis
Hi @alanglade
It has been a while but from memory, the only way it would work was to open and use the devices default browser. Google would not allow it in the in-app browser.
It wasnât an elegant overall solution in the end.
Thanks alot for the information. It worked perfectly using your instructions but at the last moment it failed due to facebook no longer allowing login from embedded browsers after October 2021, and weâre using web viewers here.
Do you have any advice to solve this?
How do you use phone/SMS in thunkable?
