Firebase updating password (current pass and new pass)

Question

I've been struggling about the change password functionality of my app. I am confused on how I can compare the current pass and store the new password thru firebase database.

Please don't be harsh on me on comments, educate me please. I did research first before asking and tried several times. Most of the tutorials I found are about updating data while clicking an item in listview. The reason why I use db to store users is because I am going to create 2 keys that identifies if user is student or professor.I just want to ask help how am I able to implement change of password.

ChangePassAccount.class

 public class ChangePassAccount extends AppCompatActivity {

    Button btnSave;
    EditText cpass, npass;
    String pass, newpass;

    DatabaseReference dbPDF;

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        getSupportActionBar().hide();
        setContentView(R.layout.activity_change_pass_account);

        dbPDF = FirebaseDatabase.getInstance().getReference("users").child("password");

        cpass = (EditText)findViewById(R.id.currentpass);
        npass = (EditText)findViewById(R.id.newpass);

        btnSave = (Button) findViewById(R.id.btnsave);
        btnSave.setBackgroundResource(R.drawable.button);

        btnSave.setOnClickListener(new View.OnClickListener() {
            @Override
            public void onClick(View view) {

                pass = cpass.getText().toString();
                newpass = npass.getText().toString();


            }
        });

    }
}

Answer 1

i'll suggest you to using firebase auth to manage User Login or Changes password etc.. So maybe you only has to store user Data by UserInfo

this is a sample from Firebase-Manage User to change the user password

FirebaseUser user = FirebaseAuth.getInstance().getCurrentUser();
String newPassword = "SOME-SECURE-PASSWORD";

user.updatePassword(newPassword)
        .addOnCompleteListener(new OnCompleteListener<Void>() {
            @Override
            public void onComplete(@NonNull Task<Void> task) {
                if (task.isSuccessful()) {
                    Log.d(TAG, "User password updated.");
                }
            }
        });

Answer 2

First you need to read the current password using single value event listener

pass = cpass.getText().toString();
newpass = npass.getText().toString();

dbPDF.addValueEventListener(addListenerForSingleValueEvent(){
    @Override
    public void onDataChange(DataSnapshot dataSnapshot) {
        // Get Post object and use the values to update the UI
        String password = dataSnapshot.getValue(String.class);
        if(password.equals(pass)){
            dbPDF.setValue(newpass);
        }else{
            // show wrong pass dialog
        }
        // ...
    }

    @Override
    public void onCancelled(DatabaseError databaseError) {
        // Getting Post failed, log a message
        Log.w(TAG, "loadPost:onCancelled", databaseError.toException());
        // ...
    }
};

Also make sure dbref is correct

String username = "helpmepls";
dbPDF = FirebaseDatabase.getInstance().getReference("users").child(username).child("password");

Answer 3

This is not a very technical answer but I ran into this problem in iOS recently.

There is a FirebaseAuth method named 'reauthenticate' that can be found here. This takes a credential that you create by asking for the user's password and getting the email from currentUser. If this returns successful you will know that password is correct. After reauthenticated you can call updatePassword with the new password.

As a suggestion you should not need to store the password separately in the database since Firebase will handle all this for you.

Hope this helps out, good luck!

Answer 4

You'd use a Firebase Database transaction for that. This gives you the current value, which you then compare against the old password. If they match, you return the new password.

Something like:

passwordRef.runTransaction(new Transaction.Handler() {
    @Override
    public Transaction.Result doTransaction(MutableData mutableData) {
        String password = mutableData.getValue(String.class);
        if (password.equals(oldPassword) {
            mutableData.setValue(newPassword);
            return Transaction.success(mutableData);
        }
    }

    @Override
    public void onComplete(DatabaseError databaseError, boolean b, DataSnapshot dataSnapshot) {
        Log.d(TAG, "passwordTransaction:onComplete:" + databaseError);
    }
});