2

i'm using firebase 3.0.5

I want members to have the ability to register other members through their account. Is there a way to prevent firebase from auto-signing new registrants in using createUserWithEmailAndPassword?

https://firebase.google.com/docs/auth/web/password-auth#create_a_password-based_account

I'm sure I can find another way to do this, but not auto-signing them in would make things much much simpler for me.

EDIT: when a new member is signed up via an existing member, a random password is created and emailed to the new member. the existing member never knows the new members password.

Frank van Puffelen
  • 565,676
  • 79
  • 828
  • 807
Eric Shell
  • 913
  • 2
  • 8
  • 19

1 Answers1

0

Use createUser instead of createUserWithEmailAndPassword

As documented here: https://www.firebase.com/docs/web/api/firebase/createuser.html

Creates a new email / password user with the provided credentials. This method does not authenticate the user. After the account is created, the user may be authenticated with authWithPassword().

var ref = new Firebase("https://<YOUR-FIREBASE-APP>.firebaseio.com");
ref.createUser({
  email: "bobtony@firebase.com",
  password: "correcthorsebatterystaple"
}, function(error, userData) {
  if (error) {
    switch (error.code) {
      case "EMAIL_TAKEN":
        console.log("The new user account cannot be created because the email is already in use.");
        break;
      case "INVALID_EMAIL":
        console.log("The specified email is not a valid email.");
        break;
      default:
        console.log("Error creating user:", error);
    }
  } else {
    console.log("Successfully created user account with uid:", userData.uid);
  }
});
dcohenb
  • 2,099
  • 1
  • 17
  • 34
  • i forgot to mention it's firebase 3.0.5 – Eric Shell Jun 19 '16 at 13:03
  • 1
    Oh, well i can see why they removed this option.. it is bad practice to have someone create a password for you.. it will make more logic for the admin to provide an email that will send a password reset email.. but i can't seem to find any option for that. – dcohenb Jun 19 '16 at 13:16
  • when a member creates an account, I will have the password randomly generated and emailed to the new member so the existing member will never know the password. – Eric Shell Jun 19 '16 at 13:31
  • i guess the alternative is to create a node with exising and new members, and check it when the new member signs up so the existing gets credit. – Eric Shell Jun 19 '16 at 13:37
  • Do not, I repeat, do not send passwords via email. it is a very bad practice. have a look at http://plaintextoffenders.com/ for more info. As I said, you want to create the user with an unknown temp password and send the user the reset password link so he can pick his own password. – dcohenb Jun 19 '16 at 13:55