I'm trying to login with Linkedin and Firebase. I generate on my server the custom token, I have my private key, I use RS256 and this is my payload:
"iss" : service_account_email
"sub" : service_account_email
"aud", "https://identitytoolkit.googleapis.com/google.identity.identitytoolkit.v1.IdentityToolkit"
"iat", Date().timeIntervalSince1970
"exp", Date().timeIntervalSince1970.advanced(by: 3600)
"uid", String.randomString(length:28)
I create the token, send it back to the app and from this I do:
Auth.auth().signIn(withCustomToken: token!, completion: { (user, error) in
I receive no error and a user back, so the token is valid. The problem is that the user has no values (no email, no displayName etc). the only thing is the uid which is the one that I set with: String.randomString(length:28)
How can I retrieve the user email and other info? In my linkedin account I have a displayname, email, picture etc. But here nothing.
Thanks
You have to set that manually. Firebase Auth has APIs to update profile (photo URL and display name) as well as email. You can send this LinkedIn data along with the custom token to your app, sign in with custom token and then update profile and email on that signed in custom token user.
By the way, set the LinkedIn ID as the UID for that user. Do not use a random string. Otherwise the next time you sign in with LinkedIn, the same user will map to another one.
Related
How can one link the phone provider with the email provider in authenticated users section from Firebase?
Whenever I try to log in with the email, it then removes the phone number from the identifier section and then I try to log in with the phone number it creates a new user with a different UID.
I am looking for a solution in Swift that would have both phone and email as providers, any advice?
You can link multiple Auth providers as explained in this link
// If email & password
// let credential = EmailAuthProvider.credential(withEmail: email, password: password)
// If email link
let credential = EmailAuthProvider.credential(withEmail: email, link: link)
Auth.auth().currentUser.link(with: credential) { (authResult, error) in
// ...
}
I have the following logic in my iOS app:
User registers
Firebase sends an email confirmation
Returns to login screen
Now if the user logs in, without verifying the email, then we have a user session and isEmailVerified is false.
I only need to check the isEmailVerified in a certain point in the app.
Also I think signing the user in, checking the field and signing the user out would be bad practise.
I'd need to reauthenticate the user, what is the best way of doing this? How can I, after the user has logged in, switch the status of isEmailVerified?
Thanks
First, you need to have the email and password to create a credential. Your user already provided this on the login page... So the email and password to persistent storage on iOS. In Android, the equivalent would be SharedPreferences.
I do not code in iOS, but this will give you the idea for the logic.
Then, when you get to that point in your app where email verified is called:
if (user.isEmailVerified) == true {
// you do not need to hold the email and password in persistent storage anymore.
// go into your persistent storage and delete the data.
} else {
// get the email and password the user saved in persistent storage.
String email = persistentStorage.getEmail();
String password = persistentStorage.getPassword();
var user = firebase.auth().currentUser;
var credentials = firebase.auth.EmailAuthProvider.credential(email, password);
user.reauthenticate(credentials);
// then, when finished reauthenticating, check whether isEmailVerified() == true;
}
I have two related questions and I hope someone help me because I've been stuck for 2 days
First: mobile phone failed to authenticate
Here is what I have done:
1- user signs up
2- token released
3- token saved in user's device
but then when the same user try to do API requests I get
Rooute to sign up :
$api = app('Dingo\Api\Routing\Router');
$api->version('v1', function ($api) {
$api->post('auth/signup', 'App\Api\V1\Controllers\AuthController#signup');
then I get a token , so I guess everything looks great!
then now when the same device sends a post request to laravel I get this message
"message": "Failed to authenticate because of bad credentials or an invalid authorization header."
this is the route to the post request
$api->group(['middleware'=>'api.auth'],
function ($api) {
$api->post('auth/ios', 'App\Api\V1\Controllers\AuthController#create');
Second: is my method right to save data made by a mobile phone?
Since I couldn't test this method I'd like to know if this is at least one of the right ways to receive data and save it. The reason to save it is because I will show it in a control panel.
public function create(Request $request)
{
$user = new User();
$id = Auth::id();
$user->phone = $request->input('phone');
$user->city = $request->input('city');
$user->street = $request->input('street');
$user->save();
return 'Employee record successfully created with id ' . $user->id;
}
I understand that you are authenticate users based on api token.
Here is what you could do :
set up a column called api_token in users table by adding the following migration
$table->string('api_token', 60)->unique();.This generates a random api token for every user.
send the api_token back to the user's device and save it there
Send it back with every request. Preferalbly set it up globally and send it in the request Authentication request header
Get the authenticated user like so$user= Auth::guard('api')->user();
Laravel takes care of all the authentication stuff behind the scenes.
Learn More about this here
I'm trying to setup a password reset within an app using swift 2 and Firebase.
Following Firebases example:
let ref = Firebase(url: "https://<YOUR-FIREBASE-APP>.firebaseio.com")
ref.changePasswordForUser("bobtony#example.com", fromOld: "correcthorsebatterystaple",
toNew: "batteryhorsestaplecorrect", withCompletionBlock: { error in
if error != nil {
// There was an error processing the request
} else {
// Password changed successfully
}
})
How can I access an authenticated users email & password in order to pass those values to this function instead of the current mock data?
I'm not interested in sending a temporary password in a pass reset email.
I was thinking that I'd be able to access these values by something like:
let ref = Firebase(url: firebaseURL)
ref.authData.providerData.someValueHere
But I haven't been able to figure it out.
How can I access these values from the currently authenticated user?
How can I access an authenticated users email & password
Firebase does not store the user's password. Instead it stores a hash of the user's password. That means that there is no API from Firebase that returns a user's password.
I am new to OAuth, and want to get the user ID (an email address) from Google using OAuth.
But I don't want to get the user's Google Contacts Information.
We can get google Email address only not the contacts by making the scope of request token Like :
"https://www.google.com/accounts/OAuthGetRequestToken?scope=https://www.googleapis.com/auth/userinfo#email";
Now do a authorized call to get the response like :
var responseText = oAuthConsumer.GetUserInfo("https://www.googleapis.com/userinfo/email", consumerKey, consumerSecret, token, tokenSecret);
Here by saying authorized call mean to make the HTTP Get request with required paramaters in header.
header string should contain: realm, consumerKey, signatureMethod, signature, timestamp, nounce, OAuthVersion, token
Please refer to http://googlecodesamples.com/oauth_playground to verify your code and to see the correct header string parameters