我正在构建Angular应用并使用Firebase电子邮件身份验证。
直到我开始使用确认帐户的电子邮件链接之前,这一直很好。
注册后,我创建了一个用户,然后向他们发送登录到他们邮件的链接。
我尝试了这个,我注册了,得到了一个链接,单击了它,然后它就正确登录了。
但是,一旦我注销,就不能让我使用密码登录,说The password is invalid or the user does not have a password.
我需要重设密码,然后才可以使用。
这是我的代码:
signup(email: string, password: string, firstname: string, lastname, nickname: string, address: string) {
this.firebaseAuth
.auth
.createUserWithEmailAndPassword(email, password)
.then(value => {
this.u = value.user;
this.u.updateProfile({ displayName: nickname, photoURL: null });
this.firebaseAuth.auth.updateCurrentUser(this.u);
var actionCodeSettings = {
// URL you want to redirect back to. The domain (www.example.com) for this
// URL must be whitelisted in the Firebase Console.
//url: 'http://localhost:4200/finishSignUp',
url: 'https://mybay-990af.firebaseapp.com/finishSignUp',
// This must be true.
handleCodeInApp: true,
};
this.firebaseAuth.auth.sendSignInLinkToEmail(email, actionCodeSettings)
.then(function () {
// The link was successfully sent. Inform the user.
// Save the email locally so you don't need to ask the user for it again
// if they open the link on the same device.
window.localStorage.setItem('emailForSignIn', email);
})
.catch(function (error) {
// Some error occurred, you can inspect the code: error.code
});
console.log('Success!', value);
})
.catch(err => {
console.log('Something went wrong:', err.message);
});
}
loginWithEmailLink() {
// Confirm the link is a sign-in with email link.
if (this.firebaseAuth
.auth.isSignInWithEmailLink(window.location.href)) {
// Additional state parameters can also be passed via URL.
// This can be used to continue the user's intended action before triggering
// the sign-in operation.
// Get the email if available. This should be available if the user completes
// the flow on the same device where they started it.
var email = window.localStorage.getItem('emailForSignIn');
if (!email) {
// User opened the link on a different device. To prevent session fixation
// attacks, ask the user to provide the associated email again. For example:
email = window.prompt('Please provide your email for confirmation');
}
// The client SDK will parse the code from the link for you.
this.firebaseAuth
.auth.signInWithEmailLink(email, window.location.href)
.then((result) => {
// Clear email from storage.
window.localStorage.removeItem('emailForSignIn');
// You can access the new user via result.user
// Additional user info profile not available via:
// result.additionalUserInfo.profile == null
// You can check if the user is new or existing:
// result.additionalUserInfo.isNewUser
this.u = result.user;
this.sendPaymentMethod(email).then(sent => {
this.router.navigate(['/store'])
});
})
.catch(function (error) {
console.log(error);
// Some error occurred, you can inspect the code: error.code
// Common errors could be invalid email and invalid or expired OTPs.
});
}
}
login(email: string, password: string) {
var signed = this.firebaseAuth
.auth
.signInWithEmailAndPassword(email, password)
.then(value => {
return true;
})
.catch(err => {
console.log(err);
return err.message;
});
return signed;
}
有什么想法吗?
答案 0 :(得分:3)
似乎您对电子邮件链接身份验证和电子邮件地址确认感到困惑。两种方法都会向您的用户发送电子邮件。在第一种情况下,您将向用户发送一个链接以登录到您的应用程序,将其视为使用Google或Facebook登录的情况,在这种情况下您没有密码,但是您不会向这些提供商发送请求,而是会发送新的链接每次发送电子邮件。 对于第二种情况(您尝试做到这一点),您需要使用电子邮件密码组合创建用户(您已经完成了此操作,但是您无需发送验证电子邮件,而是发送电子邮件登录链接)。在操作设置中,将继续网址返回到您的应用。最后,当您返回时,请使用oob代码(您将其作为url参数)。
我修改了您的代码,因此您将举一个示例:
signup(email: string, password: string, firstname: string, lastname,
nickname: string, address: string) {
this.firebaseAuth
.auth
.createUserWithEmailAndPassword(email, password)
.then(value => {
this.u = value.user;
this.u.updateProfile({ displayName: nickname, photoURL: null });
this.firebaseAuth.auth.updateCurrentUser(this.u);
var actionCodeSettings = {
url: 'https://www.example.com/?email=' + this.u.email,
handleCodeInApp: true,
};
this.u.sendEmailVerification(actionCodeSettings);
console.log('Success!', value);
})
.catch(err => {
console.log('Something went wrong:', err.message);
});
}
emailVerfication() {
this.firebaseAuth.auth.applyActionCode(this.route.snapshot.queryParams.oobCode)
.then(() => console.log('BINGO!'));
}
使用电子邮件/密码和电子邮件验证文档登录:
https://firebase.google.com/docs/auth/web/password-auth https://firebase.google.com/docs/auth/web/passing-state-in-email-actions#passing_statecontinue_url_in_email_actions
答案 1 :(得分:1)
您必须带外或oobCode,然后提示用户输入密码。最后,将其传递给.confirmPasswordReset
。
firebase.auth().createUserWithEmailAndPassword(email, password).then(function () {
firebase.auth().currentUser.sendEmailVerification();
})
function verifyPassword(oobCode, newPassword, email) {
firebase.auth().confirmPasswordReset(oobCode, newPassword).then(function (resp) {
// Password reset has been confirmed and new password updated.
// TODO: Display a link back to the app, or sign-in the user directly
// if the page belongs to the same domain as the app:
firebase.auth().signInWithEmailAndPassword(email, newPassword);
toast('Password Changed');
}).catch(function (error) {
// Error occurred during confirmation. The code might have expired or the
// password is too weak.
toast(error.message);
});
}
答案 2 :(得分:1)
无法使用密码登录帐户是一种预期的行为。当用户使用电子邮件链接登录时,没有与该用户帐户关联的密码。这是电子邮件链接登录的主要好处-用户无需再生成或记住一个密码。
对于这些无密码的用户帐户,由于不可能重复使用密码或创建简单的密码,因此减少了帐户被劫持的可能性。