Send Firebase Reset Password Email After Account Created On Server/Admin

7
votes

I'm creating a website where businesses can offer my service to their clients/users for free. For a business to add a user (under their business account), the business logs in and inputs one of their clients/users email. I then send the client/user email to firebase functions and programmatically create an account.

I would like to send this new user a email saying something like 'Account Created: Reset Password' etc., I could do this using sendPasswordResetEmail on the browser, but this function is not available on Firebase functions/admin.

The best option I can think of it to randomly generate a password for each new user (ie - 'ef53gs'), and share the new password in a Welcome Email, but I think it would be a better experience if the Welcome Email included a link to (re)set their password.

Any idea's how to make something like sendPasswordResetEmail work for firebase functions?

5
firebasefirebase-authenticationgoogle-cloud-functionsfirebase-admin
This is not so much caused by the Cloud Functions for Firebase SDK, but by the fact that the Firebase Admin SDK doesn't have a method to send password reset email. This currently is indeed not possible within the SDKs, you'd have to write your own auth provider, or at least password reset flow. - Frank van Puffelen
Yep. What I can do is make people reset their password on first sign in, but they have to use the random password I create at their original sign in. From the admin sdk, is there anyway I can create a link they click to reset their password (I could email separately with Sendgrid etc), or generate a link from the admin sdk that signs them in without needing a password? - Will
Unfortunately there is no way to generate such a link from the Admin SDK today. You might want to file a feature request, to weigh in on it. - Frank van Puffelen
Link firebase.google.com/docs/auth/admin/email-action-links may be useful to generate reset password url using cloud function. (Section: Generate password reset email link, "firebase-admin" version: 6.4.0) - Alfaz Jikani

5 Answers

9
votes

We ran into the same issue since the firebase-admin does not have a sendPasswordResetEmail() like the firebase SDK does. We ended up just using the firebase client SDK on the server as well alongside the firebase-admin. Works fine.

2
votes

I think a rather better way to do that is to actually use the REST API to reset the users passwords from the admin without adding a client library to the admin site.

curl 'https://www.googleapis.com/identitytoolkit/v3/relyingparty/getOobConfirmationCode?key=[API_KEY]' \
-H 'Content-Type: application/json' \
--data-binary '{"requestType":"PASSWORD_RESET","email":"[[email protected]]"}'

[API KEY] can be retrieved from Project Settings > add an app >> click web and you will get the configuration with a JSON, within the JSON there is an APIKey that is the one that you need to use.

2
votes

The admin sdk has a generatePasswordResetLink which will create the link for you but it's on you then to handle sending the email which you can do using any service you'd like such as mailgun or mandrill. This also gives you more control over the email template.

0
votes

This would be a multi-tenant or multi-level-admin type of app solution. Simply create a web interface where each business can add users to their service. You will need to use the Admin SDK (server) to generate the permissions for each businesses admin. See:

Control Access with Custom Claims and Security Rules

The Firebase Admin SDK supports defining custom attributes on user accounts. This provides the ability to implement various access control strategies, including role-based access control, in Firebase apps. These custom attributes can give users different levels of access (roles), which are enforced in an application's security rules.

0
votes
pb = pyrebase.initialize_app(json.load(open('fbconfig.json')))
link=pb.auth().send_password_reset_email(email)
print("We have sent an password reset link to your email, check your inbox ")

Above code is related to python admin sdk in server sidem, no need of custom template or smtp service to send email