I am actually develloping an iOS app in Swift which use Firebase as online Database. So the concept is : User can sign up with the firebase Authentification email and password then I write the email and the password in Database. But now, I wanted to implement a Reset mail password with Firebase Auth send password reset. This function work very well but I want to update the password in database too. I don't know to do it. Here is my code:
我实际上在Swift中开发了一个iOS应用程序,它使用Firebase作为在线数据库。所以概念是:用户可以使用firebase Authentification电子邮件和密码注册,然后我在数据库中写入电子邮件和密码。但现在,我想用Firebase Auth发送密码重置来实现重置邮件密码。这个功能工作得很好,但我也想更新数据库中的密码。我不知道这样做。这是我的代码:
@IBOutlet weak var txt_mail: UITextField!
Auth.auth().sendPasswordReset(withEmail: txt_mail.text!) { (error) in
let alertController = UIAlertController(title: "Error", message: error?.localizedDescription, preferredStyle: .alert)
let defaultAction = UIAlertAction(title: "OK", style: .cancel, handler: nil)
alertController.addAction(defaultAction)
self.present(alertController, animated: true, completion: nil)
}
This code send reset email to user and user'll change his password from the link which send him by mail, how can I recover password?
此代码向用户发送重置电子邮件,用户将通过邮件发送给他的链接更改密码,如何恢复密码?
1 个解决方案
#1
0
First, why are you storing user passwords? Are you storing them in plain text? This is certainly NOT secure and I recommend that you do not do this.
首先,为什么要存储用户密码?你用纯文本存储它们吗?这当然不安全,我建议你不要这样做。
Firebase DOES NOT store users passwords. It stores the hash of the passwords. This is the proper way to store passwords and cannot be converted into plain text. Additionally, there is no API for getting the user's password. Again this is due to security concerns.
Firebase不会存储用户密码。它存储密码的哈希值。这是存储密码的正确方法,无法转换为纯文本。此外,没有用于获取用户密码的API。这又是出于安全考虑。
In the event that you don't want to listen. Then you have only one potential option. You can use changePasswordForUser()
which allows you to update the password in your app. This however, requires that the user knows their current password. The only way to reset a password that is not know is with resetPasswordForUser()
.
如果你不想听。那么你只有一个潜在的选择。您可以使用changePasswordForUser()来更新应用中的密码。然而,这要求用户知道他们当前的密码。重置密码的唯一方法是使用resetPasswordForUser()。
However, since you have the password saved in the database perhaps you can design a work around to use that password to authenticate a user and then update their password or you can ask the user to update their password the next time they sign in after updating their password (you can re-authenticate them with their updated password to make sure it is accurate). Again I do NOT recommend doing this.
但是,由于您已将密码保存在数据库中,因此您可以设计一种解决方法,使用该密码对用户进行身份验证,然后更新其密码,或者您可以要求用户在下次更新后登录时更新其密码密码(您可以使用更新的密码对其进行重新验证,以确保其准确无误)。我再也不建议这样做。
Take a look at these links for more information:
请查看这些链接以获取更多信息:
How to get an authenticated users password and email
如何获取经过身份验证的用户密码和电子邮件
管理Firebase中的用户
How to verify users current password?
如何验证用户当前密码?
#1
0
First, why are you storing user passwords? Are you storing them in plain text? This is certainly NOT secure and I recommend that you do not do this.
首先,为什么要存储用户密码?你用纯文本存储它们吗?这当然不安全,我建议你不要这样做。
Firebase DOES NOT store users passwords. It stores the hash of the passwords. This is the proper way to store passwords and cannot be converted into plain text. Additionally, there is no API for getting the user's password. Again this is due to security concerns.
Firebase不会存储用户密码。它存储密码的哈希值。这是存储密码的正确方法,无法转换为纯文本。此外,没有用于获取用户密码的API。这又是出于安全考虑。
In the event that you don't want to listen. Then you have only one potential option. You can use changePasswordForUser()
which allows you to update the password in your app. This however, requires that the user knows their current password. The only way to reset a password that is not know is with resetPasswordForUser()
.
如果你不想听。那么你只有一个潜在的选择。您可以使用changePasswordForUser()来更新应用中的密码。然而,这要求用户知道他们当前的密码。重置密码的唯一方法是使用resetPasswordForUser()。
However, since you have the password saved in the database perhaps you can design a work around to use that password to authenticate a user and then update their password or you can ask the user to update their password the next time they sign in after updating their password (you can re-authenticate them with their updated password to make sure it is accurate). Again I do NOT recommend doing this.
但是,由于您已将密码保存在数据库中,因此您可以设计一种解决方法,使用该密码对用户进行身份验证,然后更新其密码,或者您可以要求用户在下次更新后登录时更新其密码密码(您可以使用更新的密码对其进行重新验证,以确保其准确无误)。我再也不建议这样做。
Take a look at these links for more information:
请查看这些链接以获取更多信息:
How to get an authenticated users password and email
如何获取经过身份验证的用户密码和电子邮件
管理Firebase中的用户
How to verify users current password?
如何验证用户当前密码?