CODEWITHSUNDEEP
angulartypescriptfirebasefirebase-authenticationionic3
Ramtin Soltani
Ramtin Soltani

Reputation: 2700

Firebase Auth Password Reset: How to properly send a password reset email including the confirmation code?

I'm stuck at getting Firebase to send a password reset email including the confirmation code that's needed for the method firebase.auth().verifyPasswordResetCode(code).

I'm using the sendPasswordResetEmail(email) method and the email includes a link which lets users create a new password.

Since I have placed some restrictions on the passwords (they must include a number), this would break the restriction.

I can't find anything in the docs on how to send the confirmation code to an email for password reset.

This is how I'm using it:

public sendResetPasswordEmail(email: string): Promise<any> {

  return this.fireAgent.firebase.auth().sendPasswordResetEmail(email, {
    url: 'http://localhost:8100/',
    handleCodeInApp: true
  });

}

Any help would be appreciated.

Upvotes: 6

Views: 5761

Answers (1)

Francisco Durdin Garcia
Francisco Durdin Garcia

Reputation: 13317

As far as I know, Firebase Authentication doesn't allow you to specify the kind of password that the user can insert on the url that the reset-password email provides you. But, you should be able to achieve it using the verification code authentication service.

To use the verification code, you need to add an object ActionCodeSetting to your sendPasswordResetEmail method. It should look like this:

var actionCodeSettings = {
  // URL you want to redirect back to. The domain (www.example.com) for this
  // URL must be whitelisted in the Firebase Console.
  url: 'https://www.example.com/finishSignUp?cartId=1234',
  // This must be true.
  handleCodeInApp: true,
  iOS: {
    bundleId: 'com.example.ios'
  },
  android: {
    packageName: 'com.example.android',
    installApp: true,
    minimumVersion: '12'
  }
};

On your case the only thing that interest your is handleCodeInApp. In that way the email will provide you with a code that you will need to put by hand on verifyPasswordResetCode.

After this, you can put the new password by hand in your client, without use Firebase email provider. Just call confirmPasswordReset("verificationCode", "newPassword") after check that the verification code is valid with verifyPasswordResetCode.

Hope that this will help you!

Upvotes: 6

Related Questions