I want to be able to create users, but from my admin account. So when I use this line:
this.af.auth.createUser({email: email, password: password});
It creates the user, but then it logs me in as them, and I don't want that. I just want to create it. Anyone know?
Long Answer:
There is no AngularFire 2 way to programatically manage users. The issue is that even if you use the Firebase Admin SDK, at least one of the module's dependencies simply won't run in the browser; e.g., webpack.
So you could install the Firebase Admin module with npm install --save firebase-admin and then...
import * as admin from "firebase-admin";
adminCreateUser() {
admin.auth().createUser({
email: "user#example.com",
emailVerified: false,
password: "secretPassword",
displayName: "John Doe",
photoURL: "http://www.example.com/12345678/photo.png",
disabled: false
})
.then(function(userRecord) {
// See the UserRecord reference doc for the contents of userRecord.
console.log("Successfully created new user:", userRecord.uid);
})
.catch(function(error) {
console.log("Error creating new user:", error);
});
}
... would likely throw the error Error: Can't resolve 'dns' in '.../node_modules/isemail/lib'. The reason for this is explained here.
You could probably figure out some sort of hack for this, but this particular issue raises an important objection to this method of user creation, which has to do with client-side cryptography.
Short Answer:
Run the Firebase Admin SDK on a backend service instead.
Related
I want to use SSO in Outlook to get the BookstrapToken with MSGrapAccess and I'm getting the error "13012". In the documentation says that this error is only possible while sideloading, but I also get it once I deploy the addin.
I'm not doing anything special:
bootstrapToken = await OfficeRuntime.auth.getAccessToken({ allowSignInPrompt: true, allowConsentPrompt: true, forMSGraphAccess: true });
This is the error I get:
{code: 13012, message: "API is not supported in this platform.", name: "API Not Supported"}
All the permissions are granted in Azure.
Is it possible to get the BootstrapToken foMSGraphAccess or I need to use a different sign in method?
Thank you
I found the way to make it work with the parameter. The problem was that I was using allowConsentPrompt and forMSGraphAccess at the same time. Without allowConsentPrompt, I can use forMSGraphAccess with no problem.
I am using Firebase in my app and I've noticed when I am actively making changes and LiveSync updates the app it will sometimes say "firebase.init error: Firebase already initialized". This happens when the changes don't trigger a whole application restart (ex. an html file). It completely messes up my current authentication state and forces me to restart the app anyways.
Is there some way I can catch for this happening or prevent it? I can try to make a demo app for it, but I feel this might have happened to somebody already.
I am just using the standard firebase.init as shown in the documentation in my app.component, nothing special or different.
Instead of using on ngOnit of App.component, try to initlize firebase on app launch event.
applicationOn(launchEvent, (args: LaunchEventData) => {
firebase.init({
// Optionally pass in properties for database, authentication and cloud messaging,
// see their respective docs.
}).then(
function () {
console.log("firebase.init done");
},
function (error) {
console.log("firebase.init error: " + error);
}
);
});
I'm trying to build an app that does something when it is first installed onto a workspace, eg: Ping every team member.
I couldn't find an event type that gets triggered upon app install:
https://api.slack.com/events
Is there a way to make this happen?
I think there might be a misunderstanding of the events concepts here. Events are always directly linked to one specific Slack app and needs to be processed by that very app. There is no such thing as "general" events for things happening on a workplace, like a new app being installed. Ergo there is no event for app installation.
Nevertheless you can implement the functionality you mentioned with Slack, e.g. pinging all team members once an app is first installed. All you need to do is include this function in the installation process of your Slack app and e.g. start pinging after the installation process is complete and the app verified that it was the first installation to this workspace. You do not need an event for that.
This is a partial answer because I was wondering the same thing and wanted to share what I found. On this oauth tutorial, it has the following code snippet:
app.get('/auth', function(req, res){
if (!req.query.code) { // access denied
return;
}
var data = {form: {
client_id: process.env.SLACK_CLIENT_ID,
client_secret: process.env.SLACK_CLIENT_SECRET,
code: req.query.code
}};
request.post('https://slack.com/api/oauth.access', data, function (error, response, body) {
if (!error && response.statusCode == 200) {
// Get an auth token
let oauthToken = JSON.parse(body).access_token;
// OAuth done- redirect the user to wherever
res.redirect(__dirname + "/public/success.html");
}
})
});
I believe instead of the line res.redirect(__dirname + "/public/success.html"); at that point you can make a request to ping everyone or even call a function to do so directly there, and it will trigger immediately once the app has been installed.
I'm trying to use express-stormpath on my Heroku app. I'm following the docs here, and my code is super simple:
var express = require('express');
var app = express();
var stormpath = require('express-stormpath');
app.use(stormpath.init(app, {
website: true
}));
app.on('stormpath.ready', function() {
app.listen(3000);
});
I've already looked at this question and followed the Heroku devcenter docs. The docs say that for an Heroku app, it's not necessary to pass in options, but I've still tried passing in options and nothing works. For example, I've tried this:
app.use(stormpath.init(app, {
// client: {
// file: './xxx.properties'
// },
client: {
apiKey: {
file: './xxx.properties',
id: process.env.STORMPATH_API_KEY_ID || 'xxx',
secret: process.env.STORMPATH_API_KEY_SECRET || 'xxx'
}
},
application: {
href: 'https://api.stormpath.com/v1/applications/blah'
},
}));
To try and see what's going on, I added a console.log line to the stormpath-config strategy valdiator to print the client object, and it gives me this:
{ file: './apiKey-xxx.properties',
id: 'xxx',
secret: 'xxx' }
{ file: null, id: null, secret: null }
Error: API key ID and secret is required.
Why is it getting called twice, and the second time around, why does the client object have null values for the file, id and secret?
When I run heroku config | grep STORMPATH, I get
STORMPATH_API_KEY_ID: xxxx
STORMPATH_API_KEY_SECRET: xxxx
STORMPATH_URL: https://api.stormpath.com/v1/applications/[myappurl]
I'm the original author of the express-stormpath library, and also wrote the Heroku documentation for Stormpath.
This is 100% my fault, and is a documentation / configuration bug on Stormpath's side of things.
Back in the day, all of our libraries looked for several environment variables by default:
STORMPATH_URL (your Application URL)
STORMPATH_API_KEY_ID
STORMPATH_API_KEY_SECRET
However, a while ago, we started upgrading our libraries, and realized that we wanted to go with a more standard approach across all of our supported languages / frameworks / etc. In order to make things more explicit, we essentially renamed the variables we look for by default, to:
STORMPATH_APPLICATION_HREF
STORMPATH_CLIENT_APIKEY_ID
STORMPATH_CLIENT_APIKEY_SECRET
Unfortunately, we did not yet update our Heroku integration or documentation to reflect these changes, which is why you just ran into this nasty issue.
I just submitted a ticket to our Engineering team to fix the names of the variables that our Heroku addon provisions by default to include our new ones, and I'm going to be updating our Heroku documentation later this afternoon to fix this for anyone else in the future.
I'm sincerely sorry about all the confusion / frustration. Sometimes these things slip through the cracks, and experiences like this make me realize we need better testing in place to catch this stuff earlier.
I'll be working on some changes internally to make sure we have a better process around rolling out updates like this one.
If you want a free Stormpath t-shirt, hit me up and I'll get one shipped out to you as a small way to say 'thanks' for putting up with the annoyance: randall#stormpath.com
After endless hours, I managed to finally get it working by removing the add-on entirely and re-installing it via the Heroku CLI and then exporting variables STORMPATH_CLIENT_APIKEY_ID and STORMPATH_CLIENT_APIKEY_SECRET. For some reason, installing it via the Heroku Dashboard causes express-stormpath to not find the apiKey and secret fields (even if you export variables).
There are questions about getting the profile image from Twitter, Facebook or Google, but it would be nice if there were a simple and extensible wrapper that returned the profile image regardless of the current user's account service.
I think you would want to set the users profile picture yourself. Because the services do not have a standard way to store profile picture. And the meteor oauth has no required code for each service class to implement.
You could set it on account creation. This would require writing code for each service.
Accounts.onCreateUser(function (options, user) {
if (user.services.google !== undefined) {
user.profile.profile_picture = user.services.google.picture;
}
if (user.services.twitter !== undefined) {
user.twitter.profile_picture = user.services.twitter.profile_url; // sudo param name
}
return user;
})
or on publish.
In the meantime there is an Atmosphere package that returns the user profile picture and works for a lot of auth services:
bengott:avatar
Instead of bengott:avatar (which is now deprecated), use the utilities:avatar package instead
You might also want to look at the accounts-meld package.