3

I'm currently working on a Flutter app where I need the user to sign in. Obviously, there might be cases where the user forgets his password, thus I need to provide a functionality to let the user reset his password.

I use Firebase as backend and sign up and sign in work as well as resetting the password using the default webview provided by Firebase out of the box. However, I'd like to provide the possibility that users of the mobile app are redirected to a custom password reset screen within the app. If I understand this correctly, this is what Dynamic Links are used for - I've also seen that they can be dynamically created from within the app.

Now, obviously, I don't want to simply redirect the user to something like https://www.myapp.com/reset-password, because then I feel that it would be hard to tell which password change belongs to which reset request. So, I thought it might be useful to integrate some kind of authentication code that is contained within the dynamic link, such that the server can identify the user for each password reset.

To accomplish this, I integrated some code that I found on this SO article and modified it a bit to generate a Dynamic Link:

  Future<Uri> createDynamicLink({@required String ?mail}) async {
    int randomAuthCode = Random().nextInt(1000000);
    final DynamicLinkParameters parameters = DynamicLinkParameters(
        uriPrefix: "https://myapp.page.link",
        link: Uri.parse('https://myapp.page.link/reset-password?authcode=$randomAuthCode'),
        androidParameters: AndroidParameters(
          packageName: "com.myapp.client.my_app_frontend",
          minimumVersion: 1
        ),
    );
    final link = await parameters.buildUrl();
    final ShortDynamicLink shortenedLink = await DynamicLinkParameters.shortenUrl(
      link,
      DynamicLinkParametersOptions(shortDynamicLinkPathLength: ShortDynamicLinkPathLength.unguessable)
    );
    return shortenedLink.shortUrl;
  }

However, I don't really get by now how to properly integrate this to send the email based off of this, and also, when to call that function.

The code which is triggered upon requesting the password reset email for an entered email address is the following, although I'm not sure if I need to add actionCodeSettings or not:

  void _handleLookupRequest() async {

    //some input validators ...


    LoadingIndicatorDialog dialog = LoadingIndicatorDialog();
    dialog.setContext(context);
    dialog.show(context);

    final FirebaseAuth auth = FirebaseAuth.instance;
    await auth.sendPasswordResetEmail(
        email: email,
        //actionCodeSettings: //do I need to add these??
    ).then((user) {
      dialog.dismiss();
      Navigator.of(context).pop();
    })
        .catchError((error) {
      dialog.dismiss();

      String errorType = Errorparser().parseFirebaseAuthErrorType(error);

      NotificationDialog().show(
          context,
          errorType,
          Errorparser().parseFirebaseAuthErrorMessage(error)
      );
    }
    );

  }

I don't know if I'm perhaps just overengineering this because Firebase already guarantees a safe method to identify the correct user but I only started using Firebase yesterday, so I'm still getting used to all the features. Hopefully someone can help me to implement an in-app password reset like this as I had quite a hard time finding any information on this topic.

Samaranth
  • 385
  • 3
  • 16
  • Any updates on this ? Iā€™m also looking to reset password within my App ā€“ Aristidios Jun 15 '22 at 11:58
  • 1
    @Aristidios Due to not getting any responses I have abandoned this feature and also the overall development of the app for quite some time. However, I did a fresh start of the project just some days ago because of some design flaws of the previous project. So, if I should get to this point again where I want to include this feature I'll update this post if I find a working solution. ā€“ Samaranth Jun 15 '22 at 14:56

0 Answers0