Sign In

A user signs in to the 95octane app to access their profile and the platform's features.

Who Can Do This

Any user with a supported sign-in method on a supported device.

Steps

  1. Open the 95octane app on iOS or Android.
  2. Select a sign-in method:
  3. iOS: Google or Apple
  4. Android: Google only
  5. Complete authentication with the chosen provider.
  6. If signing in for the first time, complete onboarding before reaching the home screen. See Onboarding.

Rules

  • Apple Sign-In is only available on iOS devices.
  • Email/password sign-in is not available to users. It exists only for internal testing and App Store/Play Store review accounts. See App Review Process.
  • Mobile/OTP is not available on the sign-in screen. It is only usable on the account recovery page (/recover) to add or replace a sign-in provider. See Add Authentication Provider.
  • A new account is created with status: onboarding on first sign-in. No action is required from the user — onboarding begins immediately.

What Happens Next

  • Returning users are auto-signed in by Firebase Auth and land directly on the home screen. An explicit sign-in step is only required the first time, after a device reset, or when a session has been fully invalidated. If the account is banned, the ban takes effect within 1 hour (when the Firebase ID token naturally expires) — on the next app launch after expiry, the user is routed to the Ban screen.
  • First-time users are routed to onboarding. On completion their status becomes active and they land on the home screen as a free user. No subscription prompt is shown. They can subscribe at any time from their profile or when they tap a subscriber-only feature.

Failure Cases

  • No network connectivity: If the app cannot reach Firebase when it opens, the sign-in screen shows a clear error stating the reason and a retry prompt. No account is created or changed.
  • Authentication cancelled: User dismisses the provider's sign-in screen before completing it. No account is created or changed. The user returns to the sign-in screen and can try again.
  • Authentication error: Sign-in fails partway through — network drop or provider-side error. The user sees a message and returns to the sign-in screen to retry. No partial account is created.
  • Banned account: Authentication succeeds. The app reads the ban status from the user's auth token and routes the user to the Ban screen instead of the home screen. The Ban screen shows the ban reason and offers two options: Appeal or Delete Account. See Ban.
  • Account pending deletion (within grace period): Opening the app shows a deletion notice with a single option to cancel. No app features are accessible. Cancelling restores status: active and returns the user to the app normally. Admin roles are NOT restored — these must be re-granted manually. See Delete Account for full restoration rules.
  • Subscription restored on a different account: When a user restores a previous subscription and it is associated with a different account, the app detects the mismatch and offers to merge the two accounts. If the user declines the merge, the subscription is transferred to the current account via RevenueCat — the two accounts remain separate. See Account Merge Detection.
  • Provider linked to a different account: A sign-in provider can only be associated with one account. If the provider the user chose is already linked to a different account, Firebase Authentication detects the conflict. The conflict is resolved based on the email address — if the new provider's email matches an existing account, the app prompts the user to link the new provider to that account. Device type (iOS or Android) is not a constraint — the user can resolve the conflict from any device. The app shows a prompt with two choices:
  • Continue with existing account: the new provider is linked to the existing account automatically. The account identity and all its data remain unchanged — this is a provider link only, not a data merge.
  • Sign out: the user is signed out and can attempt sign-in with a different provider.

Provider conflict outcomes vary by the state of the existing account:

Existing account state Outcome after conflict resolution
Active Provider linked. User lands on home screen.
Onboarding Provider linked. User resumes onboarding from the last incomplete step.
Banned Provider linked to banned account. Ban persists (same account). User sees Ban screen with Appeal and Delete Account options.
Banned final Provider linked to banned account. Ban persists (same account). User sees Ban screen with Delete Account only — no appeal available.
Pending deletion (to_be_deleted) User is informed of the pending deletion. App offers to cancel deletion and restore the account. If user restores: provider linked, account active. Admin roles NOT restored.
Permanently deleted (after grace period) The Firebase UID is reused but all product data is gone. The user goes through standard onboarding as a new account. See Delete Account.

Intentionally adding a new provider from account settings is a separate feature — see Add Authentication Provider, which is planned and not yet live.

Status: partially-live. Core Google/Apple authentication, iOS-only Apple guard, test-user gate, and onboarding routing are complete. Missing: ban screen routing; pending-deletion notice screen; provider conflict resolution UI; subscription account merge detection at sign-in.