Firebase Auth UI如何处理重新认证? [英] How does Firebase Auth UI deal with reauthentication?
问题描述
我正在使用Firebase Auth来购买我的Swift iOS应用。 Google建议使用Firebase Auth UI作为drop in身份验证系统,但它只处理初始登录。我现在正在努力允许用户进行配置文件更改,例如电子邮件和密码。
I'm using Firebase Auth for my Swift iOS app. Google recommends using Firebase Auth UI as a "drop in" authentication system, but it only handles the initial login. I'm now working on allowing the user to make profile changes, such as email and password.
在某些更改需要的地方提到进行这些更改的文档用户最近已登录(请参阅 https:// firebase。 google.com/docs/auth/ios/manage-users#get_the_currently_signed-in_user ):
The documentation for making these changes mentions in several places that certain changes require the user to have logged in recently (see https://firebase.google.com/docs/auth/ios/manage-users#get_the_currently_signed-in_user):
一些安全敏感操作 - 例如删除帐户,设置主电子邮件地址和更改密码 - 要求用户最近登录。如果您执行其中一项操作,并且用户很久以前已登录,则操作将失败并显示FIRAuthErrorCodeCredentialTooOld错误。
Some security-sensitive actions—such as deleting an account, setting a primary email address, and changing a password—require that the user has recently signed in. If you perform one of these actions, and the user signed in too long ago, the action fails with the FIRAuthErrorCodeCredentialTooOld error.
首先,似乎没有 FIRAuthErrorCodeCredentialTooOld API中的任何位置的错误。
First of all, there doesn't appear to be a FIRAuthErrorCodeCredentialTooOld error anywhere in the API.
其次,d ocumentation建议使用 reauthenticate(with:)来解决这个问题,使用以下代码示例:
Second, the documentation suggests using reauthenticate(with:) to solve this problem, with this code sample:
let user = FIRAuth.auth()?.currentUser
var credential: FIRAuthCredential
// Prompt the user to re-provide their sign-in credentials
user?.reauthenticate(with: credential) { error in
if let error = error {
// An error happened.
} else {
// User re-authenticated.
}
}
问题是,因为我使用了Firebase Auth UI,我没有用于获取用户凭据的自定义UI。
The problem is, because I used Firebase Auth UI, I have no custom UI for getting the user's credentials.
我当前的想法是,我可以通过在发生此错误时显示用于登录的相同Firebase Auth UI来重新进行身份验证。但是,我不知道这是否是受制裁的方式,或者它是否会起作用,或者它是否会在将来继续发挥作用。我查看了Firebase Auth UI代码库,并且无法在任何地方调用 reauthenticate()。该文档特别针对此错误调用此方法,所以我很困惑。
My current thinking is I could reauthenticate by presenting the same Firebase Auth UI used for logging in when this error occurs. However, I don't know if this is the sanctioned way to do this, or if it will work at all, or if it will continue to work in the future. I checked the Firebase Auth UI code base and there is no call to reauthenticate() anywhere. The documentation makes a big deal of calling this method specifically in case of this error, so I'm confused.
如果我需要构建一个完整的UI来执行重新认证,包括多个提供商,使用Firebase Auth UI有什么意义?
If I need to build an entire UI to perform reauthentication, including multiple providers, what's the point of using Firebase Auth UI?
推荐答案
关于错误代码,文档只需要更新。错误代码现在称为 FIRAuthErrorCode.errorCodeRequiresRecentLogin 。
Regarding the error code, the documentation just needs updating. The error code is now called FIRAuthErrorCode.errorCodeRequiresRecentLogin.
现在,从您面临的UI问题来看,为什么不提供一个 UIAlertController ,其中包含一个文本字段,用户可以使用该字段输入密码进行重新认证?它肯定比创建一个完整的视图控制器更简单(和用户更友好)。
Now, as of the UI problem you're facing, why not just present a UIAlertController with a text field that the users can use to enter their passwords for re-authentication? It's certainly much simpler (and user-friendlier) than creating an entire view controller.
这是一个非常简单的示例,说明如何重新验证用户而不经过这样的操作很麻烦:
Here's a pretty straightforward sample of how you can re-authenticate your users without going through so much trouble:
// initialize the UIAlertController for password confirmation
let alert = UIAlertController(title: "", message: "Please, enter your password:", preferredStyle: UIAlertControllerStyle.alert)
// add text field to the alert controller
alert.addTextField(configurationHandler: { (textField) in
textField.placeholder = "Password"
textField.autocapitalizationType = .none
textField.autocorrectionType = .no
textField.isSecureTextEntry = true
})
// delete button action
alert.addAction(UIAlertAction(title: "Delete account", style: UIAlertActionStyle.destructive, handler: {action in
// retrieve textfield
let txtFld = alert.textFields![0]
// init the credentials (assuming you're using email/password authentication
let credential = FIREmailPasswordAuthProvider.credential(withEmail: (FIRAuth.auth()?.currentUser?.email)!, password: txtFld.text!)
FIRAuth.auth()?.currentUser?.reauthenticate(with: credential, completion: { (error) in
if error != nil {
// handle error - incorrect password entered is a possibility
return
}
// reauthentication succeeded!
})
}))
// cancel reauthentication
alert.addAction(UIAlertAction(title: "Cancel", style: UIAlertActionStyle.cancel, handler: {action in }))
// finally, present the alert controller
self.present(alert, animated: true, completion: nil)
每当您需要更改用户的电子邮件或删除他们的帐户(密码重置根本不需要登录)时,请使用上面的代码片段弹出警报控制器他们可以重新输入密码。
Whenever you need to change the user's email or delete their account (password reset doesn't require a login at all), use the snippet above to just pop up an alert controller where they can re-enter their password.
编辑:请注意,上面提供的代码强制解包当前用户的电子邮件,因此请确保您有用户登录在那个阶段或你的应用程序将崩溃。
Please note that the code provided above force-unwraps the current user's email, so make sure you have a user logged-in at that stage or your app will crash.
这篇关于Firebase Auth UI如何处理重新认证?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
