I want to change the default email verification and password reset to my custom email without having to change the link in which the user has to go to. I added the domain I want to and did the necessary changes to the domain. Waited 48 hours to verify, the response was that it cannot be verified. I would like to have more details on how to add a custom email.
Related
In a Firebase project, I have activated multiple sign-in methods (e-mail, Google, and Microsoft), which all work fine. I also have it activated to only allow one account per e-mail address.
The problem arises when a user successfully signs in via Google or Microsoft, then signs out and then signs in via e-mail, using the same e-mail address as before using Google or Microsoft. Then his account type changes to e-Mail and it seems like a no way back.
Is there a way to change user account types from e-mail back to Microsoft or Google?
Your code must have different functions written for different signin's. When the user first logs in, store his login method on firestore. You can get this from the signin function triggered or simply by the button user clicked. Then during each login add a check that if user exists and user's current signin method is not the same as the one stored on firestore, notify the user to use the correct one.
Or you can let the user signin using whatever they please but ultimately in your code, the function which is triggered will tell you the current signin method and you'd have the first/previous method stored. So you can do stuff accordingly.
What you are writing in question seams not how it works. When you sign in using Google provider your email is verified automatly and if you try to sign in using same email authentication will throw error that account with that email allredy exists.
If you created first account using email and password and didn't verify your email addres then if you sign in using google provider with same email address in it, email and password provider will gone because of was not verified and you wont be able to login using email end password unless you will setup a new password for this email.
If email was verified and you sign in using google provider with same email address. This provider will be added to providers array and you will be able to login using email and password and google provider.
To add multiple providers to your accaunt you can use linkWithPopup() function. If you created accound with diferent email address and want to be able to log in on this account with provider who has diferent email address for example.
UPDATE: it just randomly started working for me now...is there a period of time after updating an email that it is ineligible for new account creation?
I was able to use this API call provided by firebase to change emails for an account, but now I cannot use the other email to create a new count. I cannot reuse the other email at all. It seems like there is still a lock or hold on the old email.
https://firebase.google.com/docs/reference/js/firebase.User#updateEmail
Steps to reproduce error
signup with original#email.com
update account email to new#email.com (and click verification link sent via email)
cannot create a new account (nor re-update existing account) with original#email.com
I am simply looking to free up the email that is no longer in use. (original#email.com)
Note in image below that 'original#email.com' does not show up
This is a security related behavior. The old email is reserved just in case the owner of the email decides to revert to the old account by clicking the email change revocation link which is sent to the old email. This gives the owner of the account the ability to recover their account in case it was hijacked and the attacker tried to change their email.
I have a requirement where I need to log in a new user to a Meteor application by default, and take the user to the reset password route after that.
I looked into this documentation, but I don't think it would apply here, because the password is not known. Here's my use case in detail :-
A user invites another new user by providing the invited user's email ID. The application sends email invite to the user, asking them to be taken to a route which normally requires logging into the application.
The new user who receives the email invite, is not yet signed up with the application. So, they need to pick a password to log in to the invited area of the application.
Currently, I am using the meteor-useraccounts:core package; to trigger the resetPasswd route for FlowRouter. Using the onSubmitHook, one can redirect the user to the proper location after successful reset of the password.
However, I am not able to figure out how to first log in the user automatically. Because if the user is not logged in, the reset password page won't open. Instead, it would show some error, indicating unauthorized action.
How could a link be sent via mail to the invited user, which would automatically log in the user?
I looked into this documentation, but I don't think it would apply
here, because the password is not known.
That is right, and because of that, in order to achieve that you have to create an account for that e-mail at the time the user enters a link sent by e-mail. Or create the account at time of invitation.
So possible solutions:
1) create an account for an e-mail provided in query (http://app/login?email=blabla#google.com) for a route, random password, reset password e-mail sent immediately after the login. (create login automatically login the user). That would also required some security key, so that no-one could create lots of accounts on different e-mail addresses.
2) create account at time of invitation, take random password and send it as a query parameter of the link sent to the invited user. When user enters the site, you take that password (and e-mail) and login him with that, and immediately send reset password for that e-mail
I have a web application that creates user accounts, but I would also like to have the ability to have users that can sign up for subscriptions without accounts. All they have is a subscription page to modify email settings and enable the newsletter subscription.
My questions is how do I verify that the user is who they say they are without a username/password, and my second is how should they access this page. I dont want just anyone typing in the url with the email and access subscription settings for that user.
For each user entry you create a unique access code that you use in the url in order to validate that this is the user you want.
The subscription form will give these options:
subscribe by filling in your email
request to change your settings by just putting your email to another field
both action will send an email to you with a special url
the first to validate that this is made by you so you will enable this user & his email
the second to send him another special url to make any changes to his settings in the case that this use is active in your database.
For this unique code you can use md5 of his email with a timestamp when he was registered.
The main site sends a registration email and I do not want that email to be sent to this new registration as it should have its own custom email. I am having a hard time with this because every time a user registers either on main registration or this custom registration, they get the same mail. How can i keep my custom registration mail separate?
In the administrative interface, you can disable the feature to send email when a user registers. Then, you can just use drupal_mail() and hook_mail() to send your own custom email after the user has registered.
To do that, you will need to use hook_form_alter(), and alter the registration form to redirect to a custom menu callback. After you do that, you can send any email (or do anything else) you want.
Simple way: http://drupal.org/project/advanced_mail_reroute