I'm following the steps found here: https://firebase.google.com/docs/auth/web/email-link-auth#enable_email_link_sign_in_for_your_firebase_project
When a user enters their email and is sent a link to sign in to my app, they receive a sign-in link. After that link is used once, it can't be used again. Is there a timeout for how long that link is valid?
Today official Firebase support answered me a question about the validity of the link. I also asked when I create more links in a row so if all of them will be valid or only the last one. Finally, I asked them to add it to documentation as I could not find it anywhere.
Here is the answer:
Email link Authentication has a longer expiration time (around 6 hours). If you'll create 2 or more sign in emails in a row, you should be able to login with the latest link being received. You'll also be able to receive an error message for example in iOS, "The action code is invalid. This can happen if the code is malformed, expired, or has already been used" when you clicked the older links.
Related
Good day all
I'm busy integrating the calendar API into my C# system and ran into a bit of a headache.
When I create an event, and I add attendees, they get their emails with the invite.
My issue comes, when they accept (or reject) the meeting, their responses are not captured.
In my event their response status always remain: NeedsAction
I have tested this directly via the Calendar API (https://developers.google.com/calendar/api/v3/reference/events/get) and I can get the event, I can see the attendees, yet their responseStatus does not change.
Does anyone have any idea what the problem could be?
Kind regards
I believe I found the answer to the issue.
Basically what it comes down to, the person that accepts the invitation, needs to have a google calendar associated with their account.
What happened was I was sending the invite requests to my work email (that did not have an google account or calendar account associated with it).
I tested it again to my personal gmail, and viola! There it works perfectly.
Here is an image illustrating how the invite would appear in Microsoft Mail. https://i.stack.imgur.com/tKPgN.jpg
If you accept there at the top option, the event would be added to your calendar, and potentially an email might be sent to the creator, but it does not get updated on the creator's google calendar. If you try to accept at the bottom, then you get a google error 400 page. This is what hinted me to what the issue was.
I know that we can't change the email verification template or the SMS verification template.
I have already set Public-Facing Name which is working till the date. But today I got OTP with another text instead of that name.
123345 is your verification code. egad5adfe/g
What is that last word egad5adfe/g and why it is coming instead of Public-Facing Name?
I haven't change anything in the last couple of days. Why it happened don't know. Can anyone please help?
Please clarify that you're facing this issue on production ?
Once you deploy your application it'll reflect the actual name.
In the FlutteFire documentation, it says that "Firebase will send an automated email to the user with a unique code. This code can then be entered via the applyActionCode() method. You can first check whether the code is valid by using the checkActionCode() method" Yet when I send an email verification, it shows a link.
In my email template on Firebase console, it is still showing an email link.
I want to be able to send a code instead, just because it allows for a better user experience in my opinion. What do I do in order to get the email verification to send a code instead? I've looked everywhere and can't find anything helpful.
At the time of writing, you cannot extract the oobCode value that is generated by Firebase Auth.
If you want to use this code, you need to extract it from the Query String in the web page that corresponds to this URL (note that you can adapt the URL in the template in order it points to another URL that you control, e.g. that is exposed by your app).
I'm using Firebase sendSignInWithEmailLink with the url generated as part of the Firebase dynamic link.
The firebase dynamic url looks like:
e.g: https://myapp.page.link/H1c4
The url from step 1 is sent as part of sendSignInWithEmailLink
User received email and clicks on the verification link.
At the end of redirection I can see that the url contains the oobCode as shown below:
https://myapp.page.link/H1c4?apiKey=&oobCode=YG2N2eLU4qGBsDeLU5cVsDrzF9qwkGzoUepInuA9pm0AAAFtfk41Nw&mode=signIn&lang=en
When my app receives the dynamic link finally, it is loosing the oobCode. My app gets
https://myapp.page.link/uEOBUnv1k4XclzwfsT5NXnGBgAA3/
The part after link/ is a custom data which I used while generating the link in step 1.
When I use isSignInWithEmailLink for validating the link in step 5, I get the result as FALSE indicating it's not a valid email link.
But if I provide the full URL from step 4 in the code(manually), the isSignInWithEmailLink returns TRUE.
I think I've done all required but Firebase dynamic link is not persisting the oobCode as part of the link sent to the app on the device.
Has anyone seen this and know what could be the problem? keen to get feedback here before reporting as an issue in Github.
Cheers
Are you using a custom dynamic link with a path, eg. https://myapp.page.link/H1c4? If so, that is currently not supported with Firebase Auth. Only custom domains with no paths are supported, eg. https://myapp.page.link.
I am looking for help to the same question as in
Firebase Email verification not working with ActionCodeSetting
The answer is unfortunately incomplete (to me), and I cannot comment on the original answer as I'm new to SO.
What I'd like to know is whether or not it is required to implement the custom email handler (as per https://firebase.google.com/docs/auth/custom-email-handler) on an external host (as in the guide), or if this can be done on iOS client itself?
Thank you
You can do that client side (on the iOS device) by passing state in the email action.