0
0
Firebasecloud~20 mins

Phone number authentication in Firebase - Practice Problems & Coding Challenges

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Challenge - 5 Problems
🎖️
Phone Authentication Mastery
Get all challenges correct to earn this badge!
Test your skills under time pressure!
service_behavior
intermediate
2:00remaining
What happens after a successful phone number verification in Firebase?

After a user enters their phone number and completes the verification code step successfully, what is the immediate result in Firebase Authentication?

AThe user must manually refresh the app to complete sign-in.
BThe phone number is stored but the user remains unauthenticated until email verification.
CThe user is signed in and a Firebase user ID token is generated.
DThe verification code is saved for future logins but no user session is created.
Attempts:
2 left
💡 Hint

Think about what Firebase Authentication does immediately after verifying the phone number.

security
intermediate
2:00remaining
Which Firebase feature helps prevent abuse of phone number authentication?

To avoid attackers abusing phone number authentication by sending many verification codes, which Firebase feature should be enabled?

AreCAPTCHA verification during phone number sign-in.
BDisabling multi-factor authentication.
CUsing anonymous authentication only.
DEnabling email link sign-in instead.
Attempts:
2 left
💡 Hint

Think about how Firebase confirms the user is a real person before sending SMS codes.

Configuration
advanced
2:30remaining
What is the correct way to configure Firebase phone authentication in a web app?

Which code snippet correctly initializes Firebase phone authentication with reCAPTCHA verifier?

A
const recaptchaVerifier = new firebase.auth.EmailAuthProvider('recaptcha-container');
const phoneProvider = new firebase.auth.PhoneAuthProvider();
B
const recaptchaVerifier = new firebase.auth.RecaptchaVerifier();
const phoneProvider = new firebase.auth.EmailAuthProvider();
C
const recaptchaVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container');
const phoneProvider = new firebase.auth.PhoneAuthProvider();
D
const recaptchaVerifier = new firebase.auth.RecaptchaVerifier('recaptcha-container', {size: 'invisible'});
const phoneProvider = new firebase.auth.PhoneAuthProvider();
Attempts:
2 left
💡 Hint

Look for the correct constructor usage and options for invisible reCAPTCHA.

Architecture
advanced
3:00remaining
How should you architect a system to securely verify phone numbers with Firebase in a mobile app?

Which architecture best ensures secure phone number verification and user session management in a mobile app using Firebase?

AUse backend to generate custom tokens without verifying phone numbers, client signs in with those tokens.
BUse Firebase SDK on the client to send verification SMS and sign in users directly, with backend verifying ID tokens for protected resources.
CSend phone numbers to backend server, which sends SMS via Firebase Admin SDK, then client signs in anonymously.
DUse third-party SMS service for verification, then create Firebase users manually without client involvement.
Attempts:
2 left
💡 Hint

Consider where verification and sign-in happen and how backend trusts the client.

Best Practice
expert
3:00remaining
What is the recommended approach to handle phone number authentication failures in Firebase to improve user experience?

When a user fails phone number verification multiple times, what is the best practice to handle this situation?

AImplement exponential backoff with increasing delay before allowing retry and show clear error messages.
BImmediately block the user permanently after 3 failed attempts without explanation.
CAutomatically switch to email authentication without user consent.
DIgnore failures and allow unlimited retries to avoid blocking users.
Attempts:
2 left
💡 Hint

Think about balancing security and user friendliness when handling failures.