Firebase Admin SDK-根据服务器上的变量检查用户密码 [英] Firebase Admin SDK - Check user's password against variable on server

问题描述

我正在尝试为用户实施一项功能，以便用户在登录时在其设置页面中更改其密码，并且当他们尝试更改该密码时，我要求用户使用旧密码和新密码，以提高安全性措施.我的问题是我无法找到一种方法来验证用户的旧密码是否正确.有没有简单的方法可以做到这一点?

I am trying to implement a feature for a user to change their password in their settings page when they are logged in, and I require the user's old password as well as the new password when they try to change it as an extra security measure. My problem is that I cannot find a way to verify if the user's old password is correct. Is there an easy way to do this?

我在服务器上收到输入的表单输入，因此解决方案必须在后端(node.js)

I receive the entered form inputs on the server so the solution would have to be on the backend (node.js)

非常感谢

推荐答案

您必须在客户端执行此操作.这不是admin SDK旨在处理的操作.您将要求当前用户输入密码并重新进行身份验证，然后更新密码:

You have to do it client side. This is not an operation that the admin SDK is designed to handle. You will ask the current user for the password and reauthenticate with it and then update password:

const cred = firebase.auth.EmailAuthProvider.credential(
    firebase.auth().currentUser.email, oldPass);
firebase.auth().currentUser.reauthenticateWithCredential(cred)
  .then(() => {
    return firebase.auth().currentUser.updatePassword(newPass);
  })
  .catch((error) => {
    // Some error.
  });

这篇关于Firebase Admin SDK-根据服务器上的变量检查用户密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！