CODEWITHSUNDEEP
firebasefirebase-authentication
Walter Monecke
Walter Monecke

Reputation: 2558

Firebase auth emails are expired when clicked

I am implementing email login in my app and it worked when I setup the project i.e. when I implemented it. I might have deleted some API key in my google console or something but now every time I click on the link inside the emails (verification or reset) I get the message:

Try verifying your email again

Your request to verify your email has expired or the link has already been used

I know this might be a duplicate of this question, however I can't seem to find an answer.

The link of the email I receive has an API key attached. The attached API key does not appear anywhere in my google cloud console. It appears in my firebase console under:

Web API key: the_web_api_key

Therefore the link I receive in the emails looks like this:

https://<appName>.firebaseapp.com/__/auth/action?mode=verifyEmail&oobCode= <oobCode>&apiKey=<the_web_api_key>

However this the_web_api_key does not match the apiKey in my config initialisation object. There you can find the legacy server key:

let config = {
  apiKey: legacy_server_key,
  authDomain: "<appname>.firebaseapp.com",
  databaseURL: "https://<appname>.firebaseio.com",
  projectId: "<appname>",
  storageBucket: "<appname>",
  messagingSenderId: "<senderId>"
}

The legacy server key appears as a server key in my google cloud console.

Maybe that could be the problem? Should I be using the Web Api Key in the initialisation object? I remember this working in the past how it currently is, so I am just confused.

Upvotes: 4

Views: 3064

Answers (2)

Ido Bleicher
Ido Bleicher

Reputation: 857

Cliff thank you very much for the answer, I wanted to add to this, There is no way to update the Firebase WEB API key set. I had to delete the automatically selected API key and then it's auto-shuffled to the other API key I wanted. Later I restored it on the GCP platform.

But it's really annoying and hopefully, they solve it. I opened a ticket on their end also. Hope this helps.

Summary:

  1. Delete the Other Key from the GCP
  2. Firebase will automatically set the other Key to be the Web API Key (Can't manually change from the website).
  3. Restore the old key :) if you need it.

Hope it helps.

Upvotes: 0

Cliff Coulter
Cliff Coulter

Reputation: 472

A workaround to reset the password that worked for me was to swap out the old API key with your new API key in the password reset email link.

Get the link from the password reset email it sends you when you reset your password:

https://(PROJECT-ID).firebaseapp.com/__/auth/action?mode=resetPassword&oobCode=DLAe_N4ZmPUA0r7TYa0Il9NCjsc1edkt7F3PouX060UAAAFyPoDCUg&apiKey=(OLD-API-KEY)&lang=en

and update it with the new key:

https://(PROJECT-ID).firebaseapp.com/__/auth/action?mode=resetPassword&oobCode=DLAe_N4ZmPUA0r7TYa0Il9NCjsc1edkt7F3PouX060UAAAFyPoDCUg&apiKey=(NEW-API-KEY)&lang=en

You can find your API key in Google's console: https://console.cloud.google.com/home/dashboard?folder=&organizationId=&project=(PROJECT-ID)

enter image description here

Upvotes: 2

Related Questions