React-redux-firebase: feat(auth): remove support for credentials.signIn in createUser (signIn is automatic)
Do you want to request a feature or report a bug?
(If this is a usage question, please do not post it here—post it on gitter. If this is not a “feature” or a “bug”, or the phrase “How do I...?” applies, then it's probably a usage question.)
bug
What is the current behavior?
when setting {signIn: false}, a @@reactReduxFirebase/LOGIN action is still triggered.
If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem via codesandbox or similar.
doSubmit = async ({email, password, firstName, lastName}) => {
const {dispatch, firebase} = this.props;
await firebase.createUser({
email,
password,
signIn: false,
});
dispatch(postUserAction({email, firstName, lastName}));
};
What is the expected behavior?
By setting signIn to false, no action @@reactReduxFirebase/LOGIN should be raised.
On the other side, no action seems to be raised for the createUser action... that's weird
Which versions of dependencies, and which browser and OS are affected by this issue? Did this work in previous versions or setups?
$ yarn list|grep react-redux
├─ [email protected]
├─ [email protected]
AdrienLemaire
All 15 comments
@Fandekasp The LOGIN action is dispatched when auth state changes, so it does seem like login is being triggered, I will investigate further.
It also seems like the signIn option isn't too well documented, so I will also look into cleaning that up, thanks for reporting!
Just out of curiosity, what is the postUserAction action creator you use to create/dispatch an action for? Is it something outside of user auth and profile?
prescottprue
on 29 Jul 2018
Also getting this problem on v2.1.8
karltaylor
on 6 Sep 2018
@prescottprue sorry for the late reply. the postUserAction is just a saga to query my backend api. we store user information in our db and don't use firebase profiles.
AdrienLemaire
on 6 Sep 2018
Also getting this problem on v2.1.8
BoatPartyJesus
on 20 Sep 2018
I'm wondering if it's actually possible to avoid this, under the hood,
createUser is calling: createUserWithEmailAndPassword
However, in the firebase documentation it says:
If the new account was created, the user is signed in automatically. Have a look at the Next steps section below to get the signed in user details.
karltaylor
on 21 Sep 2018
@karltaylor It appears you are correct, thanks for pointing that out. That would explain why the auth state change was being fired even though login wasn't being called directly.
With that in mind, this feature may not actually be possible unless it logged out after creating the new user. Not sure what the use case for that would be, but it seems like it would almost be more clear to say that one should call logout after createUser.
prescottprue
on 10 Nov 2018
I used this workaround to achieve that functionality:
https://stackoverflow.com/a/38013551/7844300
And it's working fine ;)
kubalobo
on 29 Nov 2018
@kubalobo Good to know, it seems like that is the signing out right after as I was mentioning. I am open to supporting that, but it doesn't really make sense with signIn: false - it seems like the option should be something like logOutAfterCreation: true.
prescottprue
on 29 Nov 2018
Not exactly. I needed to allow administrator to create account for new users, so after that nothing should happend - neither singIn or logOut.
kubalobo
on 29 Nov 2018
@kubalobo Is there a reason that couldn't be done through a cloud function using the firebase-admin sdk? It seems like that might be the more secure way to do that unless you write all of the correct role specific database rules and don't mind the admin user having the user's login info.
The cloud function with firebase-admin is actually what I usually/currently do - that pattern also works nice for having the ability to pre-create accounts with specific info then when the person first logs in the accounts can be merged based in info like email.
I am open to the feature of logging back out right after logging in, but is different than the original intention of signIn: false, which was made to just create the user and not log in when that was an option.
prescottprue
on 30 Nov 2018
Yea it sounds like much better approach. Thanks!
kubalobo
on 1 Dec 2018
Glad to know it will work for you 😄
I'm going to switch this issue to capture getting rid of the signIn feature all together since it is pretty unclear. Also, I'm going to try to find a place in the docs for the solution mentioned above (maybe below signIn?).
prescottprue
on 1 Dec 2018
Planning to have this be one of the "potentially breaking changes" in v3.0.0, should go to pre-release soon. Open to PRs to next if anyone gets a chance, otherwise I will try to get to it soon. Thanks to everyone for the input and patience.
prescottprue
on 8 Feb 2019
Confirmed that createUser does still call LOGIN action and logs the user in v3.0.0-beta. Thanks to everyone for the input
prescottprue
on 5 Sep 2019
Released in v3.0.0-beta. Reach out if it doesn't work as expected or doesn't solve your issue.
Thanks for reporting
prescottprue
on 6 Sep 2019
Related issues
kmhigashioka
·
5Comments
rscotten
·
3Comments
darrenfurr
·
5Comments
Venryx
·
3Comments
canyavall
·
5Comments
Most helpful comment
@kubalobo Is there a reason that couldn't be done through a cloud function using the
firebase-adminsdk? It seems like that might be the more secure way to do that unless you write all of the correct role specific database rules and don't mind the admin user having the user's login info.The cloud function with
firebase-adminis actually what I usually/currently do - that pattern also works nice for having the ability to pre-create accounts with specific info then when the person first logs in the accounts can be merged based in info like email.I am open to the feature of logging back out right after logging in, but is different than the original intention of
signIn: false, which was made to just create the user and not log in when that was an option.