Why going through the email action handler in email-link authentication?

0
votes

I'm using Firebase Authentication in a web-only application that I'm working on.

In particular, I implemented an email-link authentication flow by taking advantage of the signInWithEmailLink() method.

When calling the method, I provide an actionCodeSettings object that looks like the following:

const actionCodeSettings = {
  handleCodeInApp: true,
  url: 'http://localhost:8080',
};

Clicking on the received link takes me to the email action handler (https://my-app.firebaseapp.com/__/auth/action?continueUrl=xxx&etc) that immediately redirects me to the continueUrl parameter value, which is the url specified in the actionCodeSettings object. Later, on this page, I must call the signInWithEmailLink() method to complete the sign-in flow.

My question is, why isn't the email link pointing directly to that url instead of the email action handler URL, as (correct me if I'm wrong) the email action handler is not doing any kind of processing here apart from basic redirection?

1
firebasefirebase-authentication

1 Answers

1
votes

That page doesn't serve any purpose as far as I know unless Firebase uses it for any internal use. I am not totally sure if this is to prevent losing email reputation by adding 3rd party domains in their emails sent by .firebaseapp.com domain.

If you wish to skip that page then the best option is to use Custom Email Handlers. You can then send direct link to your page which verifies the oobCode (sign in link) and logs user in.