We have developed and tested a Flutter app. Everything works as expected. We deployed an app to stores and gain some users.

After a few months, we got complaints from our users that they lost all their data when they opened the app.

I believe that the data is not lost, only their anonymous account changed to the new anonymous account.

What users, with lost data, have in common:

• iOS devices (not sure if relevant),
• didn't use the app for at least a few days.

Our user authentication flow:

• App starts,
• All services are initialized in main() method,
• AuthService initialize final _auth = FirebaseAuth.instance; and calls loginUser(),
• loginUser() method executes:

void loginUser() async {
  FirebaseUser user = await _auth.currentUser();

  if (user == null) {
    AuthResult result = await _auth.signInAnonymously();
    user = result.user;
  }

  IdTokenResult userToken = await user.getIdToken();
  print('USER');
  print('    UID: ${user.uid}');
  print('    Token: ${userToken.token}');
  print('    Expires: ${userToken.expirationTime}');
}

We are using versions:

• flutter: v1.12.13+hotfix.7
• firebase_core: ^0.4.0+8
• firebase_auth: ^0.14.0+5

We didn't experience any problems with registered users.

Questions:

• In what cases would this._auth.currentUser() return null?
• Is there an expiry date for the anonymous account?
• Is there a way to reproduce this issue?
• Did someone experience the same issue?
• What are we doing wrong?
• How can this be avoided for anonymous users?

• In what cases would this._auth.currentUser() return null?

According to the docs, currentUser() should only return null if there's no signed-in user.

• Is there an expiry date for the anonymous account?

I can't find this on the docs, I suggest you contact Firebase Support, they usually return your contact within 2 days.

• Is there a way to reproduce this issue?

I don't think so, you could try to login as an anonymous user and wait to see if it stops working after a while, but this will require patience and lots of time probably. Maybe you have the user's creation date so you can estimate the main time it takes for the account to disappear?

• Did someone experience the same issue?

I don't use anonymous users.

• What are we doing wrong?
• How can this be avoided for anonymous users?

I guess anonymous users shouldn't be used for a long time, if you want to persist your user's data, you should upgrade them to a permanent account. But Firebase Support should clarify this further for you.

Just extending on @mFeinstein's answer

Anonymous auth token is persisted to disk and is only regenerated when calling signInAnonymously again. Without looking at the specific implementation, it's hard to tell, but there could've been some secondary issue that lead to returning null when calling currentUser() leading to generating a new anonymous user id.

How can this be avoided for anonymous users?

• instead of using anonymous login, use login with custom auth provider, and store the generated token in Keychain, encrypted, such that it is backed up to iCloud.

More info on custom provider auth can be found here: https://firebase.google.com/docs/auth/ios/custom-auth