I have an application that handles authentication with the firebase-authentication service. Due to some recent changes in business logic, I need to start storing my users in a Mongo database as well. So, I must migrate the users to my Mongo database but in addition, I need them in Firebase to have the UID corresponding to the one generated by Mongo. Since I can't change the firebase UID (if I'm wrong please correct me), my plan was something like this:
However, my plan has a delicate detail. I understand that I cannot obtain firebase passwords, so when deleting and creating users, I would have to generate new passwords for all users. How can I address this situation to avoid this?
You can't get the password from Firebase indeed. In fact, if you ever encounter a service that allows you to retrieve a password, you should stop using that service immediately - as that's a huge security risk.
What you can get from Firebase though is the password hashes and the algorithm+salts used to determine those, which you can then use to implement the same algorithm elsewhere and get the new sign-in flow working with the same credentials.
Firebase doesn't allow you to set the salt+hash for users in its built-in providers though. So if you want to implement this flow, you'll have to implement your own auth provider. This is quite involved, so you might want to consider keeping a mapping table from the mongo ID to the Firebase UID instead.