Get token parameter inside of .ConfirmationURL to reset password on reset password template supabase - supabase

I need to get the token to reset the user's password in the reset password email template, because I will send this token in a Firebase deep link, but the parameter .ConfirmationURL has a URL with more information. I just need to get the token. Is there a possibility of getting this parameter with a specific name inside the template, like .ConfirmationURL? Thanks
Update
I have configured all parameters as shown in the documentation:
Additional redirect URLs
Flutter initialization
await Supabase.initialize(
  url: supabaseUrl,
  anonKey: supabaseAnnonKey,
  authCallbackUrlHostname: 'login-callback',
  debug: true,
  localStorage: SecureLocalStorage(),
);
If I send the reset email, it is sent fine with a link as in the picture; the content of the link is this:
https://xxxxxxxxxxxxx.supabase.co/auth/v1/verify?token=kiaknuztglhtdcynoaog&type=recovery&redirect_to=https://localhost:3000
Now if I click the link from the phone, it does not redirect me to the application, but the user is logged in automatically in the Supabase panel.
I don't understand what I am doing wrong, and for this reason I tried to use Firebase for deep links, but the access_token parameter cannot be accessed. So I think I need help with the last step.
Update 2
Finally it works. I use the parameter redirectTo inside resetPasswordForEmail and the deep link connects with the app:
response = await clientSupabase.auth.api.resetPasswordForEmail(
  datauser.email,
  options: AuthOptions(redirectTo: Credentials.myAuthRedirectUri),
);
Additionally, I use the following configuration in the Supabase authentication settings:
In the Flutter code I use the following method in the login page; this method is only called when the user clicks the link in the reset password mail:
@override
void onReceivedAuthDeeplink(Uri uri) {}

The problem seems to be that you are redirecting to localhost:3000 upon sign up, but you actually want to redirect to the deep link you have set up.
When you sign up, you can provide options with redirectTo set to the deep link you have set up within Supabase's console, to redirect the user to a certain page instead of the default site URL.
Supabase.instance.client.auth
    .signUp('email', 'password', options: AuthOptions(redirectTo: 'io.supabase.flutterquickstart://login-callback/'));

Related

Google Identity for server-side web app - redirect URI mismatch

I'm attempting to set up the Code Model for Google authentication, so that my user can oauth with Google and my app can retrieve their Calendar data. I'm stuck on step 5 here, where I'm supposed to exchange the authorization code for refresh and access tokens. I'm using nestjs in the backend and React in the frontend.
What I've done already that's working:
User clicks a button on my web app's page
Client sets up google.accounts.oauth2.initCodeClient with the /calendar scope, in ux_mode: popup
User is shown the Google popup and can auth through that
Client receives a response from Google containing the authorization code
Client makes a POST call to my backend to send it just that authorization code
In step 5, the client makes the POST call to localhost:4000/auth/google-test. In the backend, I'm using the googleapis package and have:
import { google } from 'googleapis';

export const oauth2Client = new google.auth.OAuth2(
  process.env.GOOGLE_CLIENT_ID,
  process.env.GOOGLE_CLIENT_SECRET,
  'http://localhost:4000/' // <- note, I'm not sure if this is correct
);
And in the relevant controller route, I'm doing:
@Post('google-test')
public async googleTest(@Body() bodyReceived: any): Promise<any> {
  let { code } = bodyReceived;
  // Exchange the one-time authorization code for tokens; this is the call that fails
  let { tokens } = await oauth2Client.getToken(code);
  oauth2Client.setCredentials(tokens);
  console.log('Tokens:', tokens);
  return;
}
The error I'm getting is related to oauth2Client.getToken(code), and the error is a redirect_uri_mismatch. In GCP for the credentials for this app, I've added all of these as "Authorized redirect URIs":
http://localhost:3000/home
http://localhost:4000/auth/google-test
http://localhost:4000
What am I doing wrong?
It took a bit more Googling, but turns out that the right answer is to have my server make the token call with the redirect uri as "postmessage".
This SO question gives a bit more context. A somewhat unbelievable message, but it seems to work for my app.
It is evident that what is happening is that the redirect URI does not match the one in GCP. This usually happens because backend tools such as NestJS may be appending a trailing '/' to the URL, and it may be interpreted as being part of the redirect_uri value.
You can try removing any trailing '/' via the following method: oauthurl.replace(/\/$/, '')
Moreover, you can pass the generated auth URL to a meta tag. And check the html header to confirm what is the URL value.

Passing accessToken from frontend to PHP API

I've been trying to get authentication working (described below) in my laravel application, following these two tutorials:
https://auth0.com/docs/quickstart/webapp/laravel/01-login
https://auth0.com/docs/quickstart/backend/laravel/01-authorization
On the frontend (angular app):
User clicks the log in button and is taken to the auth0 login page
The user logs in and is redirected back to the callback with the accessToken
The access token is stored on the frontend and passed to Laravel API each request.
On the backend:
User makes a request to my http://localhost/api/route passing the accessToken in the authorisation header
Laravel validates the user is logged in and valid.
Laravel allows access to that route
It works to an extent, but when I try to use Postman to access the protected route by passing the accessToken, I get the error:
"message": "We can't trust on a token issued by: https://myprojectname.au.auth0.com/."
Is my workflow correct? What am I missing?
Thanks!
Just in case somebody is facing the same issue: the authorized_iss must contain a trailing slash.
In the laravel-auth0.php file the field,
'authorized_issuers' => 'https://myprojectname.au.auth0.com/'
should be in this form.

CS-Cart - Change login URL in notification email

I was testing the user account registration system.
When new users sign up for accounts, they are sent a notification email. The email, by default, includes this line:
Login URL: http://mystore.com/
The problem is, that's not the login URL. The login URL is http://mystore.com/login/
The URL seems to be generated by this line in the email template (profiles_info.tpl):
{if $user_data.company_id}{"?company_id=`$user_data.company_id`"|fn_url:'C':'http'}{else}{""|fn_url:'C':'http'}{/if}
But I don't understand how fn_url works (there doesn't seem to be any documentation). So how can I fix the login URL - or what would be the best way to do so?
This function is defined in /app/functions/fn.common.php
Change:
{if $user_data.company_id}{"?company_id=$user_data.company_id"|fn_url:'C':'http'}{else}{""|fn_url:'C':'http'}{/if}
to this:
{''|fn_url:'C':'http'}login/
The login url in CS-Cart can be generated this way: fn_url("auth.login_form"). The auth controller handles the authentication, within this controller, there is a login_form mode, which will display the login screen for the user.
If you would like to display the link in a Smarty template, you can use this code: {"auth.login_form"|fn_url}. This is the proper way to link the login form, because if you hardcode /login/ into the template and later you would like to use a different URL for the login, or you want to use multi-language SEO URLs, it will fail.
So the correct code in the e-mail template will look like this:
{if $user_data.company_id}{"auth.login_form?company_id=`$user_data.company_id`"|fn_url:'C':'http'}{else}{"auth.login_form"|fn_url:'C':'http'}{/if}

Appcelerator: Custom Password Reset Page - Bad Request, reset_password_token is invalid

I am trying to set up a custom account verification and password reset page on my own domain, but I am getting errors when resetting the password. I followed the instructions in the link below, but it always fails.
http://docs.appcelerator.com/arrowdb/latest/#!/api/Users-method-request_reset_password
I have setup a page with the URL structure https://example.com/resetPassword/?reset_password_token={{reset_password_token}}.
This is the URL in the reset password email. When I click the link in the email, the page loads with the form fields visible. On entering the new password, the following GET request is passed to Appcelerator.
https://api.cloud.appcelerator.com/v1/users/reset_password.json?key={{app_key}}&reset_password_token={{reset_password_token}}&password={{password}}&password_confirmation={{password_confirmation}}
The response text is:
"{ "meta": { "status":"fail", "code":400, "message":"Failed to reset password: reset_password_token is invalid", "method_name":"resetPassword" } } "
Everything looks fine to me as far as I can see, and when using the standard URL structure below it works fine.
https://platform.appcelerator.com/#/users/reset_password/{{key}}/{{reset_password_token}}
I found the answer here:
https://archive.appcelerator.com/topic/2838/custom-password-reset-page-bad-request-reset_password_token-is-invalid/3
Basically, you need to add key={{key}} in your email template, and send that along with the URL to Appcelerator from your form. Also add ct=enterprise to the URL parameters.
Doing this I got it working. I had the same problem with an invalid reset token. Apparently you are not supposed to use your own app key, but the {{key}} in the template instead.

Why doesn't the login session "stick" when logging in using the "ionic serve" window but works when I point the browser to the www folder?

I am using Ionic to build a login system on top of Codeigniter/Ion_Auth/codeigniter-restclient, and when I try to log in from "ionic serve" the login works, but the next API request to the logged_in() method returns false.
The same thing works properly when I point the browser to the www folder.
So here is the problem step by step:
run ionic serve
you see the login form (http://localhost:8100/#/app/login)
enter email and pass
the rest api returns "login successful"
$state.go('app.profile') works and redirects to http://localhost:8100/#/app/profile
REST get api/logged_in returns false and I redirect to the login page
If I do the same in a regular browser, step 1 becomes: open browser and go to http://localhost:8888/App/www/#/app/login, at step 6 REST get api/logged_in returns true and I don't get redirected to the login page, I stay on the profile page.
The code is the same. So my guess is that maybe ion_auth doesn't get the cookies it wants or the session is reset. I am not sure at this point what the problem is. This is my first Ionic/App project, so I might be missing something about the proper way to authenticate from a mobile app using code that works in browsers.
Thank you
UPDATE:
It seems that when using the 'ionic serve' window, every request to the API triggers a new session. The new session is stored in the database and ion_auth tests logged_in against that last one, which doesn't contain the login details.
You were talking about a REST API and cookies and sessions. Cookies and sessions don't go with the REST philosophy. Here is why.
Let me tell you how we solved this problem in our project. The basic way of knowing which user is requesting and whether it has the access rights is by the 'Authorization' header value. You can use Basic Authentication, Bearer or any other.
We generally prefer a token based authorisation system. When a login is successful, the server sends a token. In the Ionic app, we save it using a factory called SessionService. So whenever the user logs in, the token is stored and is used for every request. But the token would be lost if the user closes the app, so we can store it in local storage. The user can then be directly redirected to the dashboard until the user logs out.
// The original relied on an undefined isEmpty(); define it so the factory runs.
function isEmpty(obj) {
  return !obj || Object.keys(obj).length === 0;
}

app.factory("SessionService", function($window){
  var user = {};
  // Restore the persisted user (including the API token) when the app starts.
  if ($window.localStorage['user'] != undefined) {
    user = JSON.parse($window.localStorage['user']);
    console.log(user);
  }
  return {
    isLoggedIn: function(){
      return !isEmpty(user);
    },
    logout: function(){
      console.log("logout");
      user = {};
      $window.localStorage.clear();
    },
    setUser: function(data){
      user = data;
      $window.localStorage['user'] = JSON.stringify(user);
    },
    getUser: function(){
      return user;
    }
  };
});
Now in every web request, you can call SessionService.getUser().token when setting the value of the Authorization header.
UPDATE:
Although using cookies is not recommended, you can use them in your application easily.
If you are sending requests with CORS, Angular doesn't send cookies with the request.
One way to address this issue is to send withCredentials: true with every request:
$http({withCredentials: true, ...}).get(...)
Read further about this here.
Hope this helps!
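The answer leaves out the piece that actually puts the stored token on every request. This added example (my code, not the answerer's) builds that as an $http interceptor written as a plain factory so it can be exercised without Angular; the buildAuthInterceptor and makeMemorySession names, the apiOrigin restriction and the logout-on-401 behaviour are my assumptions, and in a real app you would return $q.reject instead of Promise.reject and register the interceptor with $httpProvider.interceptors.push().

```javascript
// Added example, not part of the original answer.
// Builds the interceptor object $http expects; `session` is the SessionService
// instance (or any object with getUser()/logout()), `apiOrigin` is the API base.
function buildAuthInterceptor(session, apiOrigin) {
  return {
    // Attach the stored token only to requests for our own API, so the
    // Authorization header is never sent along to third-party hosts.
    request: function (config) {
      const user = session.getUser();
      const url = new URL(config.url, apiOrigin);
      if (user && user.token && url.origin === apiOrigin) {
        config.headers = Object.assign({}, config.headers, {
          Authorization: 'Bearer ' + user.token,
        });
      }
      return config;
    },
    // A 401 means the API no longer accepts the token: drop the local session so
    // the app falls back to the login screen instead of retrying a dead token.
    responseError: function (rejection) {
      if (rejection && rejection.status === 401) session.logout();
      return Promise.reject(rejection); // $q.reject(rejection) inside Angular
    },
  };
}

// Constructed stand-in for the SessionService factory above, backed by a plain
// variable instead of $window.localStorage so the interceptor can be tested.
function makeMemorySession(initialUser) {
  let user = initialUser || {};
  return {
    isLoggedIn: () => Object.keys(user).length > 0,
    getUser: () => user,
    setUser: (data) => { user = data; },
    logout: () => { user = {}; },
  };
}
```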
