Add Email Link Authentication #665

Author: EddyVerbruggen

demo/app/App_Resources/Android/AndroidManifest.xml

@@ -47,6 +47,7 @@
         <category android:name="android.intent.category.BROWSABLE"/>
         <data android:host="www.coolapp.com" android:scheme="http"/>
         <data android:host="www.coolapp.com" android:scheme="https"/>
+        <data android:host="combidesk.com" android:scheme="https"/>
       </intent-filter>
 
 		</activity>

demo/app/main-view-model.ts

@@ -64,7 +64,7 @@ export class HelloWorldModel extends Observable {
 
   public doWebLoginByPassword(): void {
     this.ensureWebOnAuthChangedHandler();
-    firebaseWebApi.auth().signInWithEmailAndPassword('[email protected]', 'firebase')
+    firebaseWebApi.auth().signInWithEmailAndPassword('[email protected]', 'firebase')
         .then(() => console.log("User logged in"))
         .catch(err => {
               alert({
@@ -154,7 +154,7 @@ export class HelloWorldModel extends Observable {
   }
 
   public doWebCreateUser(): void {
-    firebaseWebApi.auth().createUserWithEmailAndPassword('[email protected]', 'firebase')
+    firebaseWebApi.auth().createUserWithEmailAndPassword('[email protected]', 'firebase')
         .then(result => {
           alert({
             title: "User created",
@@ -723,7 +723,7 @@ export class HelloWorldModel extends Observable {
 
   public doCreateUser(): void {
     firebase.createUser({
-      email: '[email protected]',
+      email: '[email protected]',
       password: 'firebase'
     }).then(
         result => {
@@ -767,7 +767,7 @@ export class HelloWorldModel extends Observable {
       type: firebase.LoginType.PASSWORD,
       passwordOptions: {
         // note that these credentials have been pre-configured in our demo firebase instance
-        email: '[email protected]',
+        email: '[email protected]',
         password: 'firebase'
       }
     }).then(
@@ -918,7 +918,7 @@ export class HelloWorldModel extends Observable {
 
   public doResetPassword(): void {
     firebase.resetPassword({
-      email: '[email protected]'
+      email: '[email protected]'
     }).then(
         result => {
           alert({
@@ -1359,7 +1359,7 @@ export class HelloWorldModel extends Observable {
     firebase.reauthenticate({
       type: firebase.LoginType.PASSWORD,
       passwordOptions: {
-        email: '[email protected]',
+        email: '[email protected]',
         password: 'firebase'
       }
     }).then(

docs/AUTHENTICATION.md

@@ -5,6 +5,7 @@ You can sign in a user either
 
 * [anonymously](#anonymous-login),
 * by [email and password](#email-password-login),
+* by [email link](#email-link),
 * by [phone verification](#phone-verification),
 * using a [custom token](#custom-login),
 * using [Facebook](#facebook-login),
@@ -239,6 +240,69 @@ Don't forget to enable email-password login in your firebase instance.
 </details>
 
 
+### Email-Link login
+Enable email-password login in your firebase instance, and flip the "E-mail link" switch.
+
+This login type allows your users to login without providing a password. They can simply click a link
+and get redirected to the app. The app may even run on a different device.
+
+Enable dynamic links, as described in the [Dynamic Links readme]("./INVITES_DYNAMICLINKS.md"), because the user
+that receives the link will need to be redirected to your app.
+
+#### iOS configuration
+- Specify the bundle id of your app in the Firebase console.
+
+#### Android configuration
+- Specify the package name of your app in the Firebase console.
+- Upload the SHA-1 and SHA-256 of the (debug) signing certificates to the Firebase console, as described in the [Dynamic Links readme]("./INVITES_DYNAMICLINKS.md").
+- Also add an `android:host` for the `emailLinkOptions.url` to your `app/App_Resources/Android/AndroidManifest.xml` file as described in that readme.
+
+<details>
+ <summary>Native API</summary>
+
+```typescript
+  firebase.login(
+      {
+        type: firebase.LoginType.EMAIL_LINK,
+        emailLinkOptions: {
+          email: "[email protected]",
+          url: "https://domain.com?foo=bar",
+          // the stuff below is optional, if not set the plugin will infer this for you (bundle/package is taken from currently used platform)
+          iOS: {
+            bundleId: "my.bundle.id"
+          },
+          android: {
+            packageName: "my.package.name"
+          }
+        }
+      })
+      .then(result => JSON.stringify(result))
+      .catch(error => console.log(error));
+```
+</details>
+
+<details>
+ <summary>Web API</summary>
+
+```typescript
+  firebaseWebApi.auth().sendSignInLinkToEmail(
+      "[email protected]",
+       {
+         url: "https://domain.com?foo=bar",
+         // the stuff below is optional, if not set the plugin will infer this for you (bundle/package is taken from currently used platform)
+         iOS: {
+           bundleId: "my.bundle.id"
+         },
+         android: {
+           packageName: "my.package.name"
+         }
+       })
+      .then(() => console.log("Email link sent"))
+      .catch(err => console.log("Login error: " + JSON.stringify(err)));
+```
+</details>
+
+
 #### Managing email-password accounts
 
 ##### Creating a Password account

docs/INVITES_DYNAMICLINKS.md

@@ -8,7 +8,7 @@ _Invites_ lets you invite other users to your app from right within your own app
 Keep in mind that invites are based of dynamic links, and so calling for an invite may return a plain dynamic link, in which case invitationId is null.
 
 ### Android
-* [Make sure you've uploaded your SHA1 fingerprint(s)](https://developers.google.com/android/guides/client-auth) to the Firebase console, then download the latest `google-services.json` file and add it to `app/App_Resources/Android`.
+* [Make sure you've uploaded your SHA1 and SHA256 fingerprints](https://developers.google.com/android/guides/client-auth) to the Firebase console.
 
 ### iOS
 * On iOS the user must be signed in with their Google Account to send invitations.

src/app/auth/index.ts

@@ -1,5 +1,5 @@
 import * as firebase from "../../firebase";
-import { LoginType, User } from "../../firebase";
+import { FirebaseEmailLinkActionCodeSettings, LoginType, User } from "../../firebase";
 
 export module auth {
   export class Auth {
@@ -49,6 +49,27 @@ export module auth {
       });
     }
 
+    public sendSignInLinkToEmail(email: string, actionCodeSettings: FirebaseEmailLinkActionCodeSettings): Promise<any> {
+      return new Promise((resolve, reject) => {
+        firebase.login({
+          type: LoginType.EMAIL_LINK,
+          emailLinkOptions: {
+            email: email,
+            url: actionCodeSettings.url,
+          }
+        }).then((user: User) => {
+          this.currentUser = user;
+          this.authStateChangedHandler && this.authStateChangedHandler(user);
+          resolve();
+        }, (err => {
+          reject({
+            // code: "",
+            message: err
+          });
+        }));
+      });
+    }
+
     public createUserWithEmailAndPassword(email: string, password: string): Promise<any> {
       return firebase.createUser({
         email: email,

src/firebase.android.ts

@@ -25,7 +25,7 @@ const messagingEnabled = lazy(() => typeof(com.google.firebase.messaging) !== "u
 const dynamicLinksEnabled = lazy(() => typeof(com.google.android.gms.appinvite) !== "undefined");
 
 (() => {
-  // note that this means we need to require the plugin before the app is loaded
+  // note that this means we need to 'require()' the plugin before the app is loaded
   appModule.on(appModule.launchEvent, args => {
     if (messagingEnabled()) {
       org.nativescript.plugins.firebase.FirebasePluginLifecycleCallbacks.registerCallbacks(appModule.android.nativeApp);
@@ -63,30 +63,58 @@ const dynamicLinksEnabled = lazy(() => typeof(com.google.android.gms.appinvite)
       }
 
     } else if (isLaunchIntent && dynamicLinksEnabled()) {
-      const getDynamicLinksCallback = new com.google.android.gms.tasks.OnCompleteListener({
-        onComplete: task => {
-          if (task.isSuccessful() && task.getResult() !== null) {
-            const result = task.getResult();
-            if (firebase._dynamicLinkCallback === null) {
-              firebase._cachedDynamicLink = {
-                url: result.getLink().toString(),
-                matchConfidence: 1,
-                minimumAppVersion: result.getMinimumAppVersion()
-              };
-            } else {
-              setTimeout(() => {
-                firebase._dynamicLinkCallback({
+      // let's see if this is part of an email-link authentication flow
+      const firebaseAuth = com.google.firebase.auth.FirebaseAuth.getInstance();
+      const emailLink = "" + intent.getData();
+      if (firebaseAuth.isSignInWithEmailLink(emailLink)) {
+        const rememberedEmail = firebase.getRememberedEmailForEmailLinkLogin();
+        if (rememberedEmail !== undefined) {
+          const emailLinkOnCompleteListener = new com.google.android.gms.tasks.OnCompleteListener({
+            onComplete: task => {
+              if (task.isSuccessful()) {
+                const authResult = task.getResult();
+                firebase.notifyAuthStateListeners({
+                  loggedIn: true,
+                  user: authResult.getUser()
+                });
+              }
+            }
+          });
+          const user = com.google.firebase.auth.FirebaseAuth.getInstance().getCurrentUser();
+          if (user) {
+            const authCredential = com.google.firebase.auth.EmailAuthProvider.getCredentialWithLink(rememberedEmail, emailLink);
+            user.linkWithCredential(authCredential).addOnCompleteListener(emailLinkOnCompleteListener);
+          } else {
+            firebaseAuth.signInWithEmailLink(rememberedEmail, emailLink).addOnCompleteListener(emailLinkOnCompleteListener);
+          }
+        }
+
+      } else {
+        const getDynamicLinksCallback = new com.google.android.gms.tasks.OnCompleteListener({
+          onComplete: task => {
+            if (task.isSuccessful() && task.getResult() !== null) {
+              const result = task.getResult();
+              if (firebase._dynamicLinkCallback === null) {
+                firebase._cachedDynamicLink = {
                   url: result.getLink().toString(),
                   matchConfidence: 1,
                   minimumAppVersion: result.getMinimumAppVersion()
+                };
+              } else {
+                setTimeout(() => {
+                  firebase._dynamicLinkCallback({
+                    url: result.getLink().toString(),
+                    matchConfidence: 1,
+                    minimumAppVersion: result.getMinimumAppVersion()
+                  });
                 });
-              });
+              }
             }
           }
-        }
-      });
-      const firebaseDynamicLinks = com.google.firebase.dynamiclinks.FirebaseDynamicLinks.getInstance();
-      firebaseDynamicLinks.getDynamicLink(intent).addOnCompleteListener(getDynamicLinksCallback);
+        });
+        const firebaseDynamicLinks = com.google.firebase.dynamiclinks.FirebaseDynamicLinks.getInstance();
+        firebaseDynamicLinks.getDynamicLink(intent).addOnCompleteListener(getDynamicLinksCallback);
+      }
     }
   });
 })();
@@ -1104,6 +1132,43 @@ firebase.login = arg => {
           firebaseAuth.signInWithEmailAndPassword(arg.passwordOptions.email, arg.passwordOptions.password).addOnCompleteListener(onCompleteListener);
         }
 
+      } else if (arg.type === firebase.LoginType.EMAIL_LINK) {
+        if (!arg.emailLinkOptions || !arg.emailLinkOptions.email) {
+          reject("Auth type EMAIL_LINK requires an 'emailLinkOptions.email' argument");
+          return;
+        }
+
+        if (!arg.emailLinkOptions.url) {
+          reject("Auth type EMAIL_LINK requires an 'emailLinkOptions.url' argument");
+          return;
+        }
+
+        const actionCodeSettings = com.google.firebase.auth.ActionCodeSettings.newBuilder()
+            // URL you want to redirect back to. The domain must be whitelisted in the Firebase Console.
+            .setUrl(arg.emailLinkOptions.url)
+            .setHandleCodeInApp(true)
+            .setIOSBundleId(arg.emailLinkOptions.iOS ? arg.emailLinkOptions.iOS.bundleId : appModule.android.context.getPackageName())
+            .setAndroidPackageName(
+                arg.emailLinkOptions.android ? arg.emailLinkOptions.android.packageName : appModule.android.context.getPackageName(),
+                arg.emailLinkOptions.android ? arg.emailLinkOptions.android.installApp || false : false,
+                arg.emailLinkOptions.android ? arg.emailLinkOptions.android.minimumVersion || "1" : "1")
+            .build();
+
+        const onEmailLinkCompleteListener = new com.google.android.gms.tasks.OnCompleteListener({
+          onComplete: task => {
+            if (!task.isSuccessful()) {
+              reject((task.getException() && task.getException().getReason ? task.getException().getReason() : task.getException()));
+            } else {
+              // The link was successfully sent.
+              // Save the email locally so you don't need to ask the user for it again if they open the link on the same device.
+              firebase.rememberEmailForEmailLinkLogin(arg.emailLinkOptions.email);
+              resolve();
+            }
+          }
+        });
+
+        firebaseAuth.sendSignInLinkToEmail(arg.emailLinkOptions.email, actionCodeSettings).addOnCompleteListener(onEmailLinkCompleteListener);
+
       } else if (arg.type === firebase.LoginType.PHONE) {
         // https://firebase.google.com/docs/auth/android/phone-auth
         if (!arg.phoneOptions || !arg.phoneOptions.phoneNumber) {

src/firebase.d.ts

@@ -182,11 +182,20 @@ export interface FirebasePasswordLoginOptions {
   password: string;
 }
 
-export interface FirebaseEmailLinkLoginOptions {
-  email: string;
+export interface FirebaseEmailLinkActionCodeSettings {
   url: string;
-  iosBundleId?: string;
-  androidPackageId?: string;
+  iOS?: {
+    bundleId: string;
+  };
+  android?: {
+    packageName: string;
+    installApp?: false;
+    minimumVersion?: string;
+  }
+}
+
+export interface FirebaseEmailLinkLoginOptions extends FirebaseEmailLinkActionCodeSettings {
+  email: string;
 }
 
 export interface FirebasePhoneLoginOptions {

src/firebase.ios.ts

@@ -190,15 +190,12 @@ firebase.addAppDelegateMethods = appDelegate => {
             if (fAuth.currentUser) {
               const onCompletionLink = (result: FIRAuthDataResult, error: NSError) => {
                 if (error) {
-                  console.log("linkAndRetrieveDataWithCredentialCompletion error: " + error.localizedDescription);
                   // ignore, and complete the email link sign in flow
                   fAuth.signInWithEmailLinkCompletion(rememberedEmail, userActivity.webpageURL.absoluteString, (authData: FIRAuthDataResult, error: NSError) => {
-                    if (error) {
-                      console.log("signInWithEmailLinkCompletion error: " + error.localizedDescription);
-                    } else {
+                    if (!error) {
                       firebase.notifyAuthStateListeners({
                         loggedIn: true,
-                        user: result.user
+                        user: authData.user
                       });
                     }
                   });
@@ -1323,11 +1320,11 @@ firebase.login = arg => {
         firActionCodeSettings.URL = NSURL.URLWithString(arg.emailLinkOptions.url);
         // The sign-in operation has to always be completed in the app.
         firActionCodeSettings.handleCodeInApp = true;
-        firActionCodeSettings.setIOSBundleID(arg.emailLinkOptions.iosBundleId || NSBundle.mainBundle.bundleIdentifier);
+        firActionCodeSettings.setIOSBundleID(arg.emailLinkOptions.iOS ? arg.emailLinkOptions.iOS.bundleId : NSBundle.mainBundle.bundleIdentifier);
         firActionCodeSettings.setAndroidPackageNameInstallIfNotAvailableMinimumVersion(
-            arg.emailLinkOptions.androidPackageId || NSBundle.mainBundle.bundleIdentifier,
-            false, // TODO not sure
-            "12"); // TODO not sure
+            arg.emailLinkOptions.android ? arg.emailLinkOptions.android.packageName : NSBundle.mainBundle.bundleIdentifier,
+            arg.emailLinkOptions.android ? arg.emailLinkOptions.android.installApp || false : false,
+            arg.emailLinkOptions.android ? arg.emailLinkOptions.android.minimumVersion || "1" : "1");
         fAuth.sendSignInLinkToEmailActionCodeSettingsCompletion(
             arg.emailLinkOptions.email,
             firActionCodeSettings,

src/package.json

@@ -39,12 +39,10 @@
     "tsc": "tsc -skipLibCheck",
     "plugin.tscwatch": "npm run tsc -- -w",
     "package": "cd ../publish && rm -rf ./package && ./pack.sh",
-    "demo.ios": "npm run preparedemo && cd ../demo && tns run ios --emulator",
-    "demo.ios.device": "npm run preparedemo && cd ../demo && tns platform remove ios && tns run ios",
-    "demo-ng.ios": "npm run preparedemo-ng && cd ../demo-ng && tns run ios --emulator",
-    "demo-ng.ios.device": "npm run preparedemo-ng && cd ../demo-ng && tns platform remove ios && tns run ios",
+    "demo.ios": "npm run preparedemo && cd ../demo && tns platform remove ios && tns run ios",
+    "demo-ng.ios": "npm run preparedemo-ng && cd ../demo-ng && tns platform remove ios && tns run ios",
     "demo.android": "npm run preparedemo && cd ../demo && tns platform remove android && tns run android --justlaunch",
-    "demo-ng.android": "npm run preparedemo-ng && cd ../demo-ng && tns run android --justlaunch",
+    "demo-ng.android": "npm run preparedemo-ng && cd ../demo-ng && tns run android",
     "test": "npm run tslint && npm run tslint.demo && cd ../demo && tns build ios && tns build android",
     "test.ios": "cd ../demo && tns test ios --emulator",
     "test.ios.device": "cd ../demo && tns platform remove ios && tns test ios",