Firebase Auth Integration

Overview

RideEase utilizes Firebase Authentication as its primary identity provider. The integration supports Email/Password authentication, email verification, and supplemental profile data storage via Cloud Firestore.

The system distinguishes between two user roles: Rider and Driver. This role-based logic is enforced during both registration and login to ensure account integrity.

Authentication Lifecycle

1. User Registration

To create a new account, use the AuthViewModel#signUpWithEmail method. This process automatically triggers a Firebase email verification request.

// Example Usage in SignupActivity
authViewModel.signUpWithEmail(email, password, "rider");

Method Signature: public void signUpWithEmail(String email, String password, String userType)

| Parameter | Type | Description | | :--- | :--- | :--- | | email | String | A valid email address. | | password | String | Account password (minimum 6 characters). | | userType | String | Role assigned to the user (rider or driver). |

2. User Sign-In

The sign-in process validates the user's credentials and verifies that the selected userType matches the role stored in Firestore.

// Example Usage in LoginActivity
authViewModel.signInWithEmail(email, password, "driver");

Validation Logic:

• If a user attempts to log in as a "Driver" but was registered as a "Rider," the system will return an error: "Wrong category selected".
• Successful login updates the authResult LiveData with the user's UID.

3. Password Management

RideEase provides a dedicated flow for password recovery via ResetPasswordActivity.

Method: firebaseAuth.sendPasswordResetEmail(email)

• Input: String email
• Output: Triggers a standard Firebase password reset email.
• UI Constraint: The "Submit" button includes a 30-second cooldown timer to prevent spamming reset requests.

Profile & Phone Verification

After the initial account creation, users are directed to the UserDetailsActivity to complete their profile. This involves submitting a full name and a validated phone number.

User Data Model

The User class represents the profile structure stored in Firestore.

| Field | Type | Description | | :--- | :--- | :--- | | userId | String | Unique Firebase UID. | | userType | String | "rider" or "driver". | | fullName | String | User's display name. | | phoneNumber | String | Combined country code and 10-digit number. | | isPhoneVerified| boolean| Status of SMS verification. |

Phone Verification Flow

Handled by UserDetailsViewModel, the verification process is split into two steps:

1. Request OTP: startPhoneVerification(String phoneNumber)
   • Requirement: Phone number must follow E.164 format (e.g., +911234567890).
2. Verify OTP: verifyPhoneCode(String verificationId, String code, ...)
   • Input: The 6-digit code received via SMS.

Utility & State Management

AuthUtils

AuthUtils provides static helper methods to check the user's progress through the onboarding funnel.

| Method | Role | | :--- | :--- | | checkUserDetails | Checks Firestore to see if detailsSubmitted is true. Used by SplashActivity to route users to either MainActivity or UserDetailsActivity. | | isUserTypeValid | Validates if the user's current session role matches their persistent Firestore role. | | clearLoginState | Wipes SharedPreferences and local session data during logout. |

Observables (LiveData)

Developers should observe the following LiveData streams in AuthViewModel to react to UI changes:

• getAuthResult(): Returns an AuthResult object containing success (boolean) and userId (String).
• getErrorMessage(): Emits localized error strings for Toast or Snackbar notifications.
• getUserProfile(): Emits the current User model object after data is fetched from Firestore.

Configuration Requirements

To use this integration, ensure the google-services.json file is present in the app/ directory and the following Firebase services are enabled in the Firebase Console:

1. Authentication: Enable "Email/Password" and "Phone" providers.
2. Firestore: Create a users collection.
3. SHA-1 Fingerprint: Required for Phone Authentication (SMS) to function on physical devices.