Reputation: 29
How can I allow a user to change his password if they are signed out?
I'm using Firebase Authentication. I have a phone verification. Suppose some user forgot his/her password while he/she is signed out.
After phone verification, I want to allow him/her to change his/her password. (He/she is not signed in).
I can't use getCurrentUser() because he is not signed in.
User's account is created with email(email sign in method). but verification is made with phone number.
So, how can I do this??
Upvotes: 0
Views: 55
Answers (1)
Reputation: 317740
You can change a user's password with updatePassword(). That is a method of the class FirebaseUser. You can only get one of these objects when the user is signed in. So, it's not possible to have a user change their own password unless they are signed in.
The only alternative to this is to build a "back door" that allows a user to fill out some form and submit it to your backend, so that you can use the Firebase Admin SDK to update the user account directly, bypassing the normal security concerns. The Admin SDK only runs on backends, and not in client apps.
Upvotes: 1
Related Questions
- Change password with Firebase for Android
- How to prevent user from reading after password change?
- How to make a user sign out in Firebase?
- How to make user's password expire using firebase API?
- Updating Firebase Authentication password using user.reauthenticate
- I don't want to Re-authenticate a user if he change password for his account in firebase email password authentication
- FirebaseAuth - Let user change password using any provider - Android
- Firebase auth and sign out
- Firebase sign out to Login Screen
- Firebase: how to intercept password changed?