earlymorning.dev / Firebase / Run functions on Auth events

Run functions on Auth events

Register functions that react to Auth events. Blocking functions can deny the registration of a user. Non blocking functions run after the authentication event has occurred.

Blocking functions

run a function before the user is added to Firebase Auth

We perform validation, and, if applicable, deny the registration by throwing an error. Firebase Auth aborts user creation on throw. The Auth client SDK receives such error and can display it to the user.

export const onRegisterBlocking = beforeUserCreated(options, async (event) => {
    const userRecord = event.data // AuthUserRecord === UserRecord
    // userRecord.uid
    // userRecord.email

    // 1.0 validate
    if (userRecord?.email?.includes("@hotmail.com")) {
        throw new HttpsError("invalid-argument", "don't use hotmail")
    }
    // 2.0 perform block side effects
    // e.g. add a user document to the database:
    await addUserDocFor(userRecord)
    return
})

Non blocking functions

The non blocking functions run after a user has been created (or deleted) by Firebase Auth.

As of writing, there is no v2 version for the non blocking functions:

auth.user().onCreate(async (user) => {})
auth.user().onDelete(async (user) => {})

example: add the user to the Firestore database (or delete it)

We read the auth user's uid and act accordingly:

export const onRegisterNonBlocking = region("europe-west1")
    .auth.user()
    .onCreate(async (user) => {
        const { uid, email } = user
        // add to db
        await db.doc("users/" + uid).set({ uid, email })
        // delete from db
        await db.doc("users/" + uid).delete()
    })
earlymorning logo

© Antoine Weber 2026 - All rights reserved

earlymorning.dev / Firebase / Run functions on Auth events

Run functions on Auth events

Register functions that react to Auth events. Blocking functions can deny the registration of a user. Non blocking functions run after the authentication event has occurred.

Blocking functions

run a function before the user is added to Firebase Auth

We perform validation, and, if applicable, deny the registration by throwing an error. Firebase Auth aborts user creation on throw. The Auth client SDK receives such error and can display it to the user.

export const onRegisterBlocking = beforeUserCreated(options, async (event) => {
    const userRecord = event.data // AuthUserRecord === UserRecord
    // userRecord.uid
    // userRecord.email

    // 1.0 validate
    if (userRecord?.email?.includes("@hotmail.com")) {
        throw new HttpsError("invalid-argument", "don't use hotmail")
    }
    // 2.0 perform block side effects
    // e.g. add a user document to the database:
    await addUserDocFor(userRecord)
    return
})

Non blocking functions

The non blocking functions run after a user has been created (or deleted) by Firebase Auth.

As of writing, there is no v2 version for the non blocking functions:

auth.user().onCreate(async (user) => {})
auth.user().onDelete(async (user) => {})

example: add the user to the Firestore database (or delete it)

We read the auth user's uid and act accordingly:

export const onRegisterNonBlocking = region("europe-west1")
    .auth.user()
    .onCreate(async (user) => {
        const { uid, email } = user
        // add to db
        await db.doc("users/" + uid).set({ uid, email })
        // delete from db
        await db.doc("users/" + uid).delete()
    })