firebase admin SDK create user and send verification email

16
votes

How can I send a verification email after I create a user with firebase admin SDK? I am trying to combine createUser function and sendEmailVerification function could somebody indicate a hint or an answer? thanks

update:

the user creation is being done by an admin user who is already signed in in the app, so the admin user is just creating users on the dashboad. This is completely different from the registeration methods.

update 2:

I tried to follow bojeil's answer, I am still stuck with the step that user signs in with the custom token. It gets into conflict with my current admin user session, the admin users gets kicked out and instead the new user is signed in and even when I sign out the new user, the admin user is still out and needs to sign in to get back into the app.

here is my code inside the app after I get the custom token:

$http.post('/.custom-token', {uid: $scope.data.data.uid})
        .then(function (response) {
            console.log("custom token here:", response.data.token);
            firebase.auth().signInWithCustomToken(response.data.token)
                .then(function (firebaseUser) {
                    firebaseUser.sendEmailVerification();
                    firebase.auth().signOut().then(function() {
                        // Sign-out successful.
                        console.log("signed out success");
                    }, function(error) {
                        // An error happened.
                    });
                })

                .catch(function(error) {
                    // Handle Errors here.
                    var errorCode = error.code;
                    var errorMessage = error.message;
                    // ...
                });

        });

so, I get the token, sign in the new user, send the email verification link, and then, sign out the new user. But my admin user who is doing all of this gets signed out as well. what am I missing here?

4
angularjsfirebasefirebase-authenticationfirebase-admin
Hi! I am looking into something similar. How did you overcome the admin logging out - problem?user165242
you should call the signOut function in the then function of the sendEmailVerification(). Since sendEmailVerification is async, you should wait until the execution is completed and then call the signOut function.DerFaizio

4 Answers

19
votes

OK this is what you can do but you may hit quota limitations:

  • Include the firebase-admin module.
  • Include the firebase client module.
  • using admin sdk, create the new user via createUser
  • when that promise resolves, get the uid of the user created.
  • using admin sdk, create custom token for that uid.
  • using client sdk, signInWithCustom token using that custom token.
  • A user is returned in the process, call user.sendEmailVerification()
  • signOut that user from the client SDK.
4
votes

You don't even need to use the Firebase Admin SDK for this. You can just use the regular Firebase client-side SDK:

firebase.auth().createUserWithEmailAndPassword(email, password)
  .then(function(user) {
     console.log("User successfully created:", user.uid);
     return user.sendEmailVerification();
  })
  .then(function() {
    console.log("Email verification email successfully sent!");
  })
  .catch(function(error) {
    console.log("Error:", error);
  });
4
votes

According to firebase, the admin-sdk does not currently support this feature. See their response here: https://stackoverflow.com/a/44557980/8177355

Whenever an email / password authentication user is logged in, and attempts to use a feature that requires authentication, I call onAuthStateChanged() and then check the user's record for email verification.

If the email is not verified, and I have not sent a verification email before, I send it automatically. I return an error, asking the user to verify their email. (I store a variable in a profile setup for the user in firestore, to indicate whether it has been sent previously).

On future attempts to use the app, if the email is still not verified, I return the same error, and also include a button in the error labeled "re-send verification email" that triggers sending of the verification email when pressed. (This way I am not automatically sending tons of verification emails every time the user tries to do something.)

4
votes

A rather clean solution would be to actually use the REST APIs.

curl 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/getOobConfirmationCode?key=[API_KEY]' \
-H 'Content-Type: application/json' \
--data-binary '{"requestType":"PASSWORD_RESET","email":"[[email protected]]"}'

The [API KEY] is a web client api key that can be retrieved from Project Settings > add an app >> click web and you will get the configuration with a JSON, within the JSON there is an APIKey that is the one that you need to use.