英文:
Firebase error when calling updateEmail()
问题
在一次长时间的授权会话后,我尝试更新电子邮件并出现以下错误:
显然,Firebase希望我重新授权。将用户重定向到登录页面是否有效?
或者是否有其他方法使其更符合真正的OAuth2要求?
英文:
After a long authorization session, I try to update the email and get this error:
Obviously, Firebase wants me to do a reauthorization. Will it be valid to redirect users to the Sing In page?
Or there are any other ways to make that more valid as true Oauth2 requires?
答案1
得分: 0
关于身份验证,有一些被视为敏感的操作。更新用户的电子邮件确实是一个需要用户最近登录的安全敏感操作。因此,对于这种操作,您应该重新对用户进行身份验证。
将用户重定向到登录页面是否有效?
这里有两种解决方案,您可以要求用户提供凭据以重新验证身份,或者您可以注销用户,让其重新进行身份验证。
英文:
When it comes to authentication, there are some operations that are considered sensitive. Updating a user’s email is indeed a security-sensitive operation that requires a recent login from the user. So for such an operation, you should reauthenticate the users.
> Will it be valid to redirect the user to the Sing In page?
There are two solutions here, you either reauthenticate the user by asking for the credentials or you can sign the user out and let it authenticate again.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论