0

We have Email Link active today but would like to go over to a regular email+password login.

To implement this we need to create forgoten pw, create account, etc pages.

I cannot just disable it because then users won't be able to login in prod. I'm wondering though if "Email link" is active can you still use forgotten password and login via Password? We don't want to pay for another Firebase project just to be able to test this before we switch over.

I have implemented forgotten password but I receive no email locally, the login via Link email I do recieve and it works even locally.

There are no errors reported when the below is called if the email already exists but I just don't receive any email, if the email doesn't exist it returns an error.

Is it somehow related to this? Calling sendPasswordResetEmail() within Cloud Functions for Firebase

const admin = require('firebase-admin')

const serviceAccount = require('./yadayada')

admin.initializeApp({
  credential: admin.credential.cert(serviceAccount),
  databaseURL: 'https://something.firebaseio.com',
})    

router.post('/forgot', async (req, res) => {
  const { env } = req

  try {
    const { email } = req.body
    console.log('forgot', email)
    await admin.auth().generatePasswordResetLink(email)
    res.status(200).send('ok')
  } catch (error) {
    if (env !== 'production') {
      res.status(200).send(error.message)
    } else {
      // maybe the user didn't exist but we don't want to let hackers know which emails exist!
      res.status(200).send('ok')
    }

    console.log(error.message)
  }
})
OZZIE
  • 6,609
  • 7
  • 55
  • 59

1 Answers1

0

(Edit: Server-side):

Apparently it just creates a link and you have to deal with sending that in an email yourself.. #"##%Q#

await admin.auth().generatePasswordResetLink(email, {
  url: continueUrl,
})
  .then((link) => {
    // The link was successfully generated.
    // @todo send this link to email yourself b****
  })
  .catch((error) => {
    // Some error occurred, you can inspect the code: error.code
  })

And then you need your SMTP details and install this https://firebase.google.com/products/extensions/firestore-send-email

Makes no sense since it sends the magic login link all by itself and there is already a forgotten password template... but it's all I found so far at least...

Free and easier version but without easy to manage email templates: https://stackoverflow.com/a/58938290/846348

EDIT: If you use the clientside approach it does send the email and you can configure how the template looks inside firebase, however it seems you then cannot use <table> tags which all fancy html-emails use so you can't really style it in any nice way then instead..

sendPasswordResetEmail(email)
OZZIE
  • 6,609
  • 7
  • 55
  • 59