Question 118889 in Firebase Question posted in
An extensive official documentation can be found here.

How do I re authenticate a user created by firebase admin sdk

I’ve moved all my user creation and authentication to Firebase using the admin SDK and google identity provider. I can create a user fine, and I’m adding a password (also still my code for creating a password is in there, I can’t figure out how to re authenticate a user. I’ve seen some answers to use EmailAuthProvider, however that class doesn’t exist. My create user code

fun createUser(request: HttpServletRequest?, response: HttpServletResponse?, createUserRequest: CreateUserRequest): User {

        val hashedPassword = PasswordUtil.hashPassword(createUserRequest.password.trim())

        val user: User = Mapper.convert(createUserRequest)
        val trimmedEmail = user.email.trim()
        user.email = trimmedEmail

        usersRepo.save(user)

        CoroutineScope(Dispatchers.IO).launch {
            FirestoreClient.getFirestore().collection("users").document(user.id.toString()).set(user)
        }

        val auth = FirebaseAuth.getInstance()

        val request = CreateRequest()
            .setUid(user.id.toString())
            .setDisplayName(user.username)
            .setEmailVerified(false)
            .setEmail(user.email)
            .setPassword(createUserRequest.password)

        auth.createUser(request)

        val password = Password()
        password.password = hashedPassword
        password.user = user
        passwordsRepo.save(password)

        CoroutineScope(Dispatchers.IO).launch {
            try {
                marketplace.generateUsersWallets(user)
            } catch (e: Exception) {
                e.printStackTrace()
            }
        }

        val link = FirebaseAuth.getInstance().generateEmailVerificationLink(user.email)
        awsSesService.sendEmailVerification(user.email, link)

        return user
    }

The packages I’m using are

 //firebase
    implementation("com.google.firebase:firebase-admin:9.1.1")
    // Import the BoM for the Firebase platform
    implementation(platform("com.google.firebase:firebase-bom:30.4.1"))

    implementation("com.google.firebase:firebase-firestore-ktx")

FirebaseAuth works fine for sign up, but how do I log them back in?
thanks

Tags:

2

Answers


  1. Chosen as BEST ANSWER
    0

    Well I basically found the answer, I have no idea why google has this buried away. Basically the admin sdk's can't authenticate, however the google identity rest api can. https://cloud.google.com/identity-platform/docs/use-rest-api#section-sign-in-email-password

    Now the weird part is there isn't a way to sign in and get a custom JWT token back as you would in the firebase SDK, instead you get a payload with an IdToken and Refresh token. Now since the whole point of custom tokens is for clients to sign in with them and then send the id token you kind of have to make two loops, sign in with email/password, then if that passes create a new custom token. Ill post finished code when completed


  2. 0

    Working code, only part missing is making the REST api call which you can do any, point should be clear though

     /**
 * Logs in a user if the password hash is equal
 */
@Throws(IllegalArgumentException::class, FirebaseAuthException::class)
fun login(request: HttpServletRequest, response: HttpServletResponse, loginUserRequest: LoginUserRequest): User? = runBlocking {

    //find the user in google
    val userRecord = FirebaseAuth.getInstance().getUserByEmail(loginUserRequest.email)

    if (userRecord != null) {
        //find the user by our UUID
        val user = usersRepo.findUserById(userRecord.uid.toUUID())

        if (user != null) { //log them in

            try {

                googleIdentityService.apiClient.signInWithEmailAndPassword(SignInRequest(userRecord.email.toString(), loginUserRequest.password))

                val customToken = FirebaseAuth.getInstance().createCustomToken(user.id.toString())
                response.setHeader("JWT", customToken)

                return@runBlocking user

            } catch (e: Exception) {
                e.printStackTrace()
            }
        }
    }
    throw ResponseStatusException(HttpStatus.NOT_FOUND, "invalid email or password")
}
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search