Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/AndrewwCO/Panahashi/llms.txt

Use this file to discover all available pages before exploring further.

Panahashi uses Firebase Authentication for secure user sessions. Auth state is managed in context/AuthContext.js and exposed through a React context, making the current user and auth actions available from any screen in the app. This page explains how account creation, sign-in, and sign-out work, and how the session state flows through the app.

Signing in and registering

AuthContext exposes three auth actions:
FunctionFirebase callDescription
login(email, password)signInWithEmailAndPasswordSigns in an existing user
register(email, password)createUserWithEmailAndPasswordCreates a new account
logout()signOutEnds the current session
All three return Promises. login and register resolve with a Firebase UserCredential; logout resolves with void. Any Firebase error (wrong password, email already in use, etc.) is thrown and should be caught in the calling screen. The full value shape provided by AuthContext: 
{
  user,      // Firebase User object, or null if not signed in
  loading,   // boolean — true until first auth check completes
  login,     // (email, password) => Promise<UserCredential>
  register,  // (email, password) => Promise<UserCredential>
  logout,    // () => Promise<void>
}

Session state

AuthContext subscribes to onAuthStateChanged in a useEffect that runs once on mount: 
useEffect(() => {
  const unsubscribe = onAuthStateChanged(auth, (firebaseUser) => {
    setUser(firebaseUser);
    setLoading(false);
  });
  return unsubscribe;
}, []);
Firebase calls this listener immediately with the persisted session (if any), then again whenever the session changes — on login, logout, or token revocation. loading starts as true and is set to false after the first callback fires. This means:
  • On cold start, there is a brief window where loading is true and user is null regardless of whether the user is actually signed in.
  • RootNavigator uses this loading flag to show an ActivityIndicator instead of the Login screen during this window, preventing a visible flash.
Firebase persists the session to device storage automatically. You do not need to store the token or user ID yourself — onAuthStateChanged will restore the session on the next app launch.

Using auth in screens

Import useAuth from AuthContext and destructure the values you need: 
import { useAuth } from '../context/AuthContext';

const { user, loading, login, logout } = useAuth();
user is the Firebase User object and includes fields like user.uid, user.email, and user.displayName. It is null when no session is active.

Firebase tokens for API calls

Authenticated API requests require a Firebase ID token. The authHeaders() function in services/api.js fetches the token from the current user and attaches it to every request: 
async function authHeaders(extra = {}) {
  const user = getAuth().currentUser;
  if (!user) throw new Error('No hay usuario autenticado');
  const token = await user.getIdToken();
  return {
    'Content-Type': 'application/json',
    Authorization: `Bearer ${token}`,
    'X-User-Name': user.displayName || 'Cliente',
    ...extra,
  };
}
The backend validates this token on every authenticated endpoint. X-User-Name is an additional header used by the backend for display purposes; it falls back to 'Cliente' when displayName is not set.
The Firebase ID token expires after 1 hour. getIdToken() automatically refreshes it when needed, so you never need to handle token refresh manually.
authHeaders() throws if getAuth().currentUser is null. Always call authenticated API functions only when user is set, or wrap calls in a try/catch that handles the unauthenticated case.

Build docs developers (and LLMs) love

Get started for freeTalk to us