I am trying to reset password on my angularjs App. I am using Parse (js SDK) as a backend.
I am using Parse.User.requestPasswordReset as said in the doc, but I am always getting an error 125 invalid email address.
Here is my html form :
<input type="email" ng-model="resetData.email" required>
<button ng-click="resetPassword(resetData)">
Ok
</button>
Here is my controller :
app.controller('userCtrl', function($scope, loginService){
$scope.resetPassword = function(resetData){
loginService.resetPassword(resetData,$scope);
};
});
And finally here is my factory :
app.factory('loginService', function(){
return{
resetPassword:function(resetData,scope){
console.log(resetData.email);
Parse.User.requestPasswordReset(resetData.email,{
success:function(){
alert('You'll receive an email to reset your password');
},
error:function(error){
if (error.code === 205) {
scope.msg_erreur='User not found';
console.log("error "+error.code+" "+error.message);
}
else{
scope.msg_erreur='Oops ! Something wrong happened';
console.log("error "+error.code+" "+error.message);
};
}
})
}
}
});
Good to know :
the console.log(resetData.email) show the good email address.
the email address I used are really in the User Class (if not there is an "error 205 user not found")
I tried to put an email address directly in my code in the Parse.User.requestPasswordReset instead of resetData.email
I tried with several email address, all are real ones.
In every case I always have this error 125 invalid email address.
Does anyone have an idea ?
Thanks
I presume you are storing the email address in the username field, and letting users login that way. Put the email address in the email field as well and the reset email should go out as expected.
This seems to be an issue with the way Parse is dealing with resets, because this was not a problem before. This workaround is not elegant, but it will work until the issue is properly resolved from their end.
Related
I have the following method:
function CompleteFbData() {
FB.api('/me', 'get', {fields: 'id,name,email,birthday'}, function(response) {
$("#profile_full_name").val(response.name);
$("#profile_email").val(response.email);
$("#profile_telephone").focus()
$("#loginbutton").remove();
});
}
This should return me id, name, email and birthday from my user's facebook account. However, it sometimes will get me only the id and name.
Eg1:
returns email
Eg2:
doesn't return email
Since it's important that I always get the user email for my application, is there a way I can ensure it will always get the email?
Thanks for your time.
EDIT: I understand that a Facebook account doesn't necessarily have an e-mail associated to it, so I must change my application.
However, in the examples I printed, the accounts used were created by myself, both have e-mails associated to each one of the. Still it did not return the email in one of them.
Note: this happens a lot, sometimes it returns sometimes won't return. Couldn't understand why and when it happens.
Facebook api requests don't return email if the email isn't valid. Do both the emails you have used for the separate accounts have valid # addresses? also has the email been verified via facebooks verification email?
Try this and if it works..woohoo!
I have a scenario that requires checking an entered password against the user's firebase password before the user does an irreversible task. This is different from creating an account or signing in. How can you check against a firebase password? It doesn't look like there's a password property in firebase.auth().currentUser.
Update:
The user must verify their password and the Delete button will run a function to check it. If it matches the firebase password, the Delete button will succeed in triggering a pretty modal to pop up.
I would suggest you to store the user password somewhere if you need to check against it at some point.
Instead of storing it inside your database (which wouldn't be safe) I would personally store it on user's device using UserDefaults so that you can access it easily whenever you need to perform your sensible tasks.
Update:
Another possibility would be using the reauthenticateWithCredential method. If the method return success then, perform your sensitive task. If it fails, ask your user to type the correct password.
As per your request, this is how you would reauthenticate the user using his email & password :
// First you get your current user using Auth :
let currentUser = Auth.auth()?.currentUser
// Then you build up your credential using the current user's current email and password :
let credential = EmailAuthProvider.credential(withEmail: email, password: password)
// use the reauthenticate method using the credential :
currentUser?.reauthenticate(with: credential, completion: { (error) in
guard error == nil else {
return
}
// If there is no error, you're good to go
// ...Do something interesting here
})
You can find some more explanation inside the Firebase documentation here : https://firebase.google.com/docs/auth/ios/manage-users
I am trying to implement a registration form into my web app. Once I insert the 'name' and 'email' provided by the user into my database (Mysql). I need separate error messages to pop up on the registration form if the 'name' or 'email' are already in use, something like
"the 'name' is already in use"
or
"the 'email' is already in use"
The problem is I use the error I get from the Mysql to show the message
"the 'name' or 'email' is already in use"
My question is how can i use the Mysql error to distinguish whether it is the 'name' or the 'email' that is being duplicated.
app.post(myArgs[0]+"/register", function(req,res){
con.query('insert into users values(UUID(),\'' + req.body.user + '\',\''+req.body.pass+'\',\''+req.body.mail+'\',NULL)',function(err,res){
if(err){
console.error(err+" Ooops name or email already in use !"); //here is where I want to find out whether it is the name or the email that is already in use!
errorregister();
return;
} else {
passregister();
}
})
function errorregister(){
res.redirect(myArgs[0]+"/register");
console.log(_dict);
}
function passregister(){
res.redirect(myArgs[0]+"/login");
console.log(_dict);
}
});
After the DB give you a error on inserting, you know that either emailor name, or both, is duplicated.
You can then search the DB for name, then for email.
After that, customizing your error message is easy.
Checking before inserting could go wrong in case of race conditions (two users trying to register the same name/email at the same time). After inserting, you know for sure something is duplicated.
Check for error 1586 when inserting in MySQL(List of error codes)
You can check for which INSERT the error occurred.
Whenever a duplicate key is being inserted in a UNIQUE KEY column, this error is returned. Based on this error you can send a AJAX response to client, which would update DOM to show the required error.
Alright this is how i got it done
app.post(myArgs[0]+"/register", function(req,res){
con.query('insert into users values(UUID(),\'' + req.body.user + '\',\''+req.body.pass+'\',\''+req.body.mail+'\',NULL)',function(err,res){
if(err){
error(err);
return;
} else {
passregister();
}
})
function error(err){
if (err.toString().search("'PRIMARY'") != -1 ){
console.error(" Ooops!!! name duplicated");
res.redirect(myArgs[0]+"/register")
} else {
console.error(" Ooops!!! email duplicated");
res.redirect(myArgs[0]+"/register")
}
return;
}
function passregister(){
_dict[req.body.user]={};
res.redirect(myArgs[0]+"/login");
console.log(_dict);
}
});
I am currently working on a profile page using the plugin "accounts-password" installed it via the command
meteor add accounts-password
I have run the program and so on and was able to add data; however, when I try to call or display the data on the browser using the
{{ currentUser.email }}
and
{{ currentUser.password }}
It doesn't display, but when I called
{{ currentUser.username }}
it works just fine. I tried to access the database via find().fetch(); and this is what I see.
id: "GP26SF2F8jmpqQuvT"
emails: Array[1]
0: Object
address: "testing#gmail.com"
verified: false
__proto__: Object
length: 1
__proto__: Array[0]
username: "testing"
__proto__: Object
Based on the arrangement, should I called the email as
{{ currentUser.emails.0.address }}
? Also I don't see the password in the data, is there a way to retrieve it? Actually my aim here to update the Meteor.users if user wants to change password or email address. Thanks.
accounts-password doesn't publish the password field of the document by default. This is to be expected - for security reasons!
In regards to the email: accounts package allows the application to add multiple emails to a user. This is why there's an array of emails.
Instead of doing
{{ currentUser.emails.0.address }}
What you could do is add a helper to the template:
Template.myTemplate.helpers({
email: function(){
return Meteor.user().emails[0].address;
}
});
And then you can just use this in the template:
{{ email }}
Actually my aim here to update the Meteor.users if user wants to change password or email address. Thanks.
I'd say that there's almost never a reason to publish the user's password to the client. It's a huge security risk. The accounts-password package has taken care of the common use-cases, so you can just use Accounts.changePassword() on the client to allow the user to change their password.
If you want to allow the user to change their email, what you want to do, is use a Method. A method can be called by the client, but the code is executed on the server. After it's executed, the server returns a response to the client. Kind of like how HTTP works.
In this case, the client could call a method named changeEmail, which tries to change the user's email. If all checks pass etc, the server changes the user's email and returns a response, e.g. "success", otherwise returns "fail". This is what the code could look like:
if(Meteor.isClient){
Meteor.call('changeEmail', newEmail, function(error, response){
if(error){
console.error(error);
} else {
console.log(response);
}
});
}
if(Meteor.isServer){
Meteor.methods({
changeEmail: function(newEmail){
Accounts.addEmail(this.userId, newEmail, false);
var userEmails = Meteor.users.findOne(this.userId, {fields: {emails: 1}}).emails;
if(userEmails.length > 1){
Accounts.removeEmail(this.userId, userEmails[0].address);
Accounts.sendVerificationEmail(this.userId, newEmail);
return "success";
} else {
throw new Meteor.Error('fail', 'email not correct!');
}
}
});
}
If you're not familiar with Methods, you can read either this tutorial by Meteor or this article. Also, my code might not be 100% functional, it's just an example.
I'm using this ajax validation but it doesn't validate if the e-mail already exists in the database. It just goes through if you entered a valid e-mail address:
onSubmit="if(newsletterSubscriberFormDetail.validator.validate())
{
new Ajax.Updater({success:'newsletter-validate-detail'}, 'newsletter/subscriber/new',
{
asynchronous:true, evalScripts:false, onComplete:function(request, json)
{
Element.hide('newsletter-validate-detail');Element.show('pop-confirm');
},
onLoading:function(request, json){}, parameters:Form.serialize(this)
});
} return false;"
I have tried to modify the onsubmit function, but to no avail. I hope someone here can teach me how to make this validation work so that it will check if the entered e-mail already exists.
This is standard Magento behavior.
It doesn't check if the email already exists and always says "Thank you for your subscription".
You can check in Mage_Newsletter_SubscriberControllerin newAction that it'll only check for existing email if you're logged in and try to enter someone else's email address :
if ($ownerId !== null && $ownerId != $customerSession->getId()) {
Mage::throwException($this->__('This email address is already assigned to another user.'));
}
You'll probably need to rewrite this method to achieve that 'Email already exists' error.