Firebase 谷歌登录不要求用户密码

Question

Firebase Google 登录不要求用户密码并重定向到错误页面。

firebase email 登录确实有效。

我已经在配置 JS 代码、firebase 控制台和 Google Cloud API 密钥中将授权重定向 URI 设置为正确的 URI。

当我按下 Google 按钮时，它会重定向到如下内容：

www.myurl.com/__/auth/handler?apiKey=xxxxxxxxxxxxxxxxxxxxx&appName=%5BDEFAULT%5D-firebaseui-temp&authType=signInViaRedirect&redirectUrl=https%3A%2F%2Fwww.myurl.com%2Fsign-in&v=9.13.0&providerId=google.com&scopes=profile

我网站中的代码如下：

在 header 中：

<script src="https://www.gstatic.com/firebasejs/9.13.0/firebase-app-compat.js"></script>
<script src="https://www.gstatic.com/firebasejs/9.13.0/firebase-auth-compat.js"></script>
<script src="https://www.gstatic.com/firebasejs/ui/6.0.2/firebase-ui-auth.js"></script>
<link
      type="text/css"
      rel="stylesheet"
      href="https://www.gstatic.com/firebasejs/ui/6.0.2/firebase-ui-auth.css"
      />

在正文中，我有一个包含以下代码的元素：

<div id="firebaseui-auth-container"></div>

<script type="text/javascript">
      //const auth = firebase.auth();
      // FirebaseUI config.
      var uiConfig = {
        // Important: the following URL should be in both Firebase and Gloogle Cloud authorised clients
        signInSuccessUrl: "/private/main",
        // autoUpgradeAnonymousUsers: true,
        signInOptions: [
          // Leave the lines as is for the providers you want to offer your users.
          firebase.auth.GoogleAuthProvider.PROVIDER_ID,
          firebase.auth.EmailAuthProvider.PROVIDER_ID,

        ],
        // tosUrl and privacyPolicyUrl accept either url string or a callback.
        // Terms of service url/callback.
        tosUrl: "/terms-of-services",
        // Privacy policy url/callback.
        privacyPolicyUrl: "/privacy-policy"
      };
      // App's Firebase configuration
      const firebaseConfig = {
        apiKey: "xxxxxxxxxxxxxxxxxx",
        authDomain: "myurl.com",
        projectId: "xxxxxxxxxxxxxxxxx",
        storageBucket: "xxxxxxxxxxxxxxxx",
        messagingSenderId: "xxxxxxxxxxxxxxxxx",
        appId: "xxxxxxxxxxxxxxxxx",
      };

      // Initialize Firebase
      const app = firebase.initializeApp(firebaseConfig);

      // Initialize the FirebaseUI Widget using Firebase.
      var ui = new firebaseui.auth.AuthUI(firebase.auth());
      // The start method will wait until the DOM is loaded.
      ui.start("#firebaseui-auth-container", uiConfig);
    </script>

Answer 1

元素 firebaseui-auth-container 中的语法似乎存在问题，其中重定向未被正确调用，如果用户也已经登录并且您已验证它，那么根据您的评论，它也会登陆到不正确的登录页面，那么重定向和呈现可能会导致此行为。
我建议您删除下面 Email AuthProvider 之后的多余逗号；并检查符号选项是否正常工作。

signInOptions: [ // Leave the lines as is for the providers you want to offer your users.    
  firebase.auth.GoogleAuthProvider.PROVIDER_ID,  
  firebase.auth.EmailAuthProvider.PROVIDER_ID]

除了上述更改，如果您希望在每次加载页面以重新验证和登录时配置强制重新输入密码，请尝试添加以下自定义参数。

  signInOptions: [
{
      provider: firebase.auth.GoogleAuthProvider.PROVIDER_ID,
      scopes: [
        'public_profile',
        'email',
        'user_likes',
        'user_friends'
      ],
      customParameters: {
        // Forces password re-entry.
        auth_type: 'reauthenticate'
      }
    },

还要检查登录成功时默认重定向 url 的部分。

// Will use popup for IDP Providers sign-in flow instead of the default, redirect.
  signInFlow: 'popup',
  signInSuccessUrl: '<url-to-redirect-to-on-success>'

我还建议您查看以下链接以获取类似示例：

• Firebase用户可以不用密码吗
• 每次用户登录时强制输入密码 firebase SignIn
• 检查用户是否通过身份验证

Answer 2

事实证明，解决方案是将 firebase 身份验证域添加到 Google Cloud API 密钥，该域出现在 URL 的firebaseConfig变量中，其中托管进行身份验证的网站。