我正在构建一个Angular应用程序并使用Firebase电子邮件身份验证。 这很有效,直到我开始使用确认帐户电子邮件链接。
注册后,我创建用户,然后向他们发送登录链接到他们的邮件。 我试过这个,我注册了,得到一个链接,点击它,然后它就可以了。
但是,一旦我退出,它就不会让我用我的密码登录,说The password is invalid or the user does not have a password.
我需要重置密码才有效。
这是我的代码:
signup(email: string, password: string, firstname: string, lastname, nickname: string, address: string) {
this.firebaseAuth
.auth
.createUserWithEmailAndPassword(email, password)
.then(value => {
this.u = value.user;
this.u.updateProfile({ displayName: nickname, photoURL: null });
this.firebaseAuth.auth.updateCurrentUser(this.u);
var actionCodeSettings = {
// URL you want to redirect back to. The domain (www.example.com) for this
// URL must be whitelisted in the Firebase Console.
//url: 'http://localhost:4200/finishSignUp',
url: 'https://mybay-990af.firebaseapp.com/finishSignUp',
// This must be true.
handleCodeInApp: true,
};
this.firebaseAuth.auth.sendSignInLinkToEmail(email, actionCodeSettings)
.then(function () {
// The link was successfully sent. Inform the user.
// Save the email locally so you don't need to ask the user for it again
// if they open the link on the same device.
window.localStorage.setItem('emailForSignIn', email);
})
.catch(function (error) {
// Some error occurred, you can inspect the code: error.code
});
console.log('Success!', value);
})
.catch(err => {
console.log('Something went wrong:', err.message);
});
}
loginWithEmailLink() {
// Confirm the link is a sign-in with email link.
if (this.firebaseAuth
.auth.isSignInWithEmailLink(window.location.href)) {
// Additional state parameters can also be passed via URL.
// This can be used to continue the user's intended action before triggering
// the sign-in operation.
// Get the email if available. This should be available if the user completes
// the flow on the same device where they started it.
var email = window.localStorage.getItem('emailForSignIn');
if (!email) {
// User opened the link on a different device. To prevent session fixation
// attacks, ask the user to provide the associated email again. For example:
email = window.prompt('Please provide your email for confirmation');
}
// The client SDK will parse the code from the link for you.
this.firebaseAuth
.auth.signInWithEmailLink(email, window.location.href)
.then((result) => {
// Clear email from storage.
window.localStorage.removeItem('emailForSignIn');
// You can access the new user via result.user
// Additional user info profile not available via:
// result.additionalUserInfo.profile == null
// You can check if the user is new or existing:
// result.additionalUserInfo.isNewUser
this.u = result.user;
this.sendPaymentMethod(email).then(sent => {
this.router.navigate(['/store'])
});
})
.catch(function (error) {
console.log(error);
// Some error occurred, you can inspect the code: error.code
// Common errors could be invalid email and invalid or expired OTPs.
});
}
}
login(email: string, password: string) {
var signed = this.firebaseAuth
.auth
.signInWithEmailAndPassword(email, password)
.then(value => {
return true;
})
.catch(err => {
console.log(err);
return err.message;
});
return signed;
}
有什么想法有什么不对?
您似乎对电子邮件链接身份验证和电子邮件地址确认感到困惑。这两种方法都会向您的用户发送电在第一种情况下,您将向您的用户发送一个链接以登录您的应用,将其视为使用Google或Facebook登录,在此方案中您没有密码,但是您不会向这些提供商发送请求每次都是电子邮件对于第二种情况(你尝试制作这个)你需要创建用户使用电子邮件密码组合(你已经完成了它,但不是发送验证电子邮件,而是发送电子邮件登录链接)。在操作设置中,将继续url设置回您的应用。最后,当你回来应用oob代码(你得到它作为url参数)。
我修改了你的代码,所以你将有一个例子:
signup(email: string, password: string, firstname: string, lastname,
nickname: string, address: string) {
this.firebaseAuth
.auth
.createUserWithEmailAndPassword(email, password)
.then(value => {
this.u = value.user;
this.u.updateProfile({ displayName: nickname, photoURL: null });
this.firebaseAuth.auth.updateCurrentUser(this.u);
var actionCodeSettings = {
url: 'https://www.example.com/?email=' + this.u.email,
handleCodeInApp: true,
};
this.u.sendEmailVerification(actionCodeSettings);
console.log('Success!', value);
})
.catch(err => {
console.log('Something went wrong:', err.message);
});
}
emailVerfication() {
this.firebaseAuth.auth.applyActionCode(this.route.snapshot.queryParams.oobCode)
.then(() => console.log('BINGO!'));
}
使用电子邮件/密码登录,电子邮件验证文档:
https://firebase.google.com/docs/auth/web/password-auth https://firebase.google.com/docs/auth/web/passing-state-in-email-actions#passing_statecontinue_url_in_email_actions
你必须得到带外或oobCode,然后提示用户输入密码。最后,你把它传递给.confirmPasswordReset
。
firebase.auth().createUserWithEmailAndPassword(email, password).then(function () {
firebase.auth().currentUser.sendEmailVerification();
})
function verifyPassword(oobCode, newPassword, email) {
firebase.auth().confirmPasswordReset(oobCode, newPassword).then(function (resp) {
// Password reset has been confirmed and new password updated.
// TODO: Display a link back to the app, or sign-in the user directly
// if the page belongs to the same domain as the app:
firebase.auth().signInWithEmailAndPassword(email, newPassword);
toast('Password Changed');
}).catch(function (error) {
// Error occurred during confirmation. The code might have expired or the
// password is too weak.
toast(error.message);
});
}
这是帐户无法使用密码登录的预期行为。当用户使用电子邮件链接登录时,没有与该用户帐户关联的密码。这是电子邮件链接登录的主要好处 - 用户无需生成或记住一个以上的密码。
对于这些无密码用户帐户,由于不可能重新使用密码或创建简单密码,因此减少了帐户被劫持的可能性。