I need to add to my current code, the necessary functionality and the exact code so that the user must verify the email before logging in.
Now, the user registers and automatically accesses all the functions of the application and its user panel. I want to add the necessary function so that when a user registers, a message is shown telling him that: You must verify your email In this way we ensure that it is a valid email and avoid the registration of SPA users.
I need the user to verify her email to be able to log in, until she does, she can continue using the App as she did, without logging in.
You can see that I did several tests, and other users tried to help me, but we have not achieved what is necessary, since I need to add the functionality to the code that I have now, since it is the only way I know to continue building my application.
The app has registration with Firebase, registered by email and password and I’m using Formik to control the state of the form and Yup to validate.
I have read Firebase documentation about "Send a verification message to a user",
This is the Firebase function:
```
const auth = getAuth();
sendEmailVerification(auth.currentUser)
.then(() => {
// Email verification sent!
// ...
})
```
The registration system I use now is Mail and Password. The user enters an email, a password, verifies the password and is automatically registered in the application.
I did several tests trying to add sendEmailVerification to my registration system, and for now what I have achieved is that the confirmation email arrives to the user (SPA folder) but the confirmation email arrives after the user already registered and use the app.
It would be necessary that the user could not register until receiving and confirming the "Confirmation Email"
I need a code example that fits my current app, I don’t have the knowledge to change all my code, this is the base of my app.
What do I have to do so that this works correctly and the verification email arrives before the user can register?
What am I doing wrong in my code?
I show the application on GitHub, so they can see all the files
You can test the project as it is built with Expo:
exp://exp.host/@miguelitolaparra/restaurantes-5-estrellas?release-channel=default
This is the method I’m using to register users:
const formik = useFormik({
initialValues: initialValues(),
validationSchema: validationSchema(), // validate the form data
validateOnChange: false,
onSubmit: async(formValue) => {
try { // send the data to Firebase
const auth = getAuth()
// sendEmailVerification(auth.currentUser)
await createUserWithEmailAndPassword(
auth,
formValue.email,
formValue.password
)
sendEmailVerification(auth.currentUser)
navigation.navigate(screen.account.account)
} catch (error) {
// We use Toast to display errors to the user
Toast.show({
type: "error",
position: "bottom",
text1: "Failed to register, please try again later",
})
}
},
})
And I also show you the complete file:
import { useFormik } from 'formik'
import { getAuth, createUserWithEmailAndPassword, sendEmailVerification } from 'firebase/auth'
export function RegisterForm() {
const [showPassword, setShowPassword] = useState(false)
const [showRepeatPassword, setShowRepeatPassword] = useState(false)
const navigation = useNavigation()
const formik = useFormik({
initialValues: initialValues(),
validationSchema: validationSchema(), // validate the form data
validateOnChange: false,
onSubmit: async (formValue) => {
try { // send the data to Firebase
const auth = getAuth()
//sendEmailVerification(auth.currentUser)
await createUserWithEmailAndPassword(
auth,
formValue.email,
formValue.password
)
sendEmailVerification(auth.currentUser)
navigation.navigate(screen.account.account)
} catch (error) {
// We use Toast to display errors to the user
Toast.show({
type: "error",
position: "bottom",
text1: "Error al registrarse, intentelo mas tarde",
})
}
},
})
// function to hide or show the password
const showHidenPassword = () => setShowPassword((prevState) => !prevState)
const showHidenRepeatPassword = () => setShowRepeatPassword((prevState) => !prevState)
return (
// Registration form interface
<View>
<Input
placeholder="Correo electronico"
keyboardType="email-address"
containerStyle={AuthStyles.input}
rightIcon={
<Icon type="material-community" name="at" iconStyle={AuthStyles.icon} />
}
onChangeText={(text) => formik.setFieldValue("email", text)}
errorMessage={formik.errors.email}
/>
<Input
placeholder="Contraseña"
containerStyle={AuthStyles.input}
secureTextEntry={showPassword ? false : true}
rightIcon={
<Icon
type="material-community"
name={showPassword ? "eye-off-outline" : "eye-outline"}
iconStyle={AuthStyles.icon}
onPress={showHidenPassword}
/>
}
onChangeText={(text) => formik.setFieldValue("password", text)}
errorMessage={formik.errors.password}
/>
<Input
placeholder="Repetir contraseña"
containerStyle={AuthStyles.input}
secureTextEntry={showRepeatPassword ? false : true}
rightIcon={
<Icon
type="material-community"
name={showRepeatPassword ? "eye-off-outline" : "eye-outline"}
iconStyle={AuthStyles.icon}
onPress={showHidenRepeatPassword}
/>
}
onChangeText={(text) => formik.setFieldValue("repeatPassword", text)}
errorMessage={formik.errors.repeatPassword}
/>
<Button
title="REGISTRATE"
containerStyle={AuthStyles.btnContainer}
buttonStyle={AuthStyles.btn}
onPress={formik.handleSubmit} // send the form
loading={formik.isSubmitting}// show loading while doing user registration
/>
</View>
)
}
And this is the file to validate the form with Yup RegistreFormValidar.js
import * as Yup from "yup"
// object that has the elements of the form
export function initialValues() {
return {
email: "",
password: "",
repeatPassword: "",
}
}
// validate the form data whit Yup
export function validationSchema() {
return Yup.object({
email: Yup.string()
.email("El email no es correcto")
.required("El email es obligatorio"),
password: Yup.string().required("La contraseña es obligatoria"),
repeatPassword: Yup.string() // validate that the passwords are the same
.required("La contraseña es obligatoria")
.oneOf([Yup.ref("password")], "Las contraseñas tienen que ser iguales"),
})
}
3
Answers
As far as I understood, you need to verify email address of the user first, then create the user. Blocking functions maybe what you need.
This Firebase function will trigger before a new user is saved to the Firebase Authentication database, and before a token is returned to your client app. However, I think after this function executes, user is created. To prevent user creation you may have to implement a more complex flow.
One naive approach I can think of is as follows: After sending email to user, do not terminate the function and inside the function periodically check if user’s email address is verified. Also set a timeout option and reject user creation after timeout. As expected, this approach increases the function execution time and can be costly.
If you are fine with the user being created in the Firebase Authentication database, I suggest implementing the solution stated in the documentation.
This will block users with unverified emails from logging into your app.
Check this documentation for other possible options: https://firebase.google.com/docs/auth/extend-with-blocking-functions#requiring_email_verification_on_registration
You have several options to achieve your purpose.
First, to fix the SPA issue, you can use a custom domain, as shown on Firebase
To get what you are looking for, you can follow these steps:
1 – The user registers with an email address.
2 – The new record is created, but with status "To be verified" and an activation string is assigned.
3 – You send user data and activation string, along with a link to verify registration.
4 – The user clicks on the link, enters their data and, if they are valid, you change the status to "Active".
You can try to do it.
You also have the option to do it with "Authenticate with Firebase via email link"
-Then send an authentication link to the user’s email address.
To start the authentication process, show the user an interface that prompts them to enter their email address, then call
sendSignInLinkToEmailto ask Firebase to send the authentication link to the user’s email.You can see all the details in the official Firebase documentation
1 – Build the
ActionCodeSettingsobject, which provides Firebase with instructions to build the email link2 – Ask the user for the email.
3 – Send the authentication link to the user’s email and save their email in case the user completes the login with email on the same device
Finally complete the access with the email link.
This is not exactly what you are looking for, but it may help.
Put this listener in your route You can tweak it according to your usage