Receive error: auth/code-expired on Android

[vorkapps]

Hello and thanks for a great plugin!

I'm developing an app using Ionic + Capacitor.

In my app, I am using email/pwd authentication for the users. But I also want to capture their mobile number (but not sign-in using it). I tried using the normal firebase.auth method of sending an SMS OTP to the mobile, on Android it works perfectly but on iOS it gives me an error stating the reCaptcha needs HTTP/HTTPS environment. After googling the issue, I found your plugin, which I incorporated and use cfaSignIn('phone'.....) which works perfectly on iOS. But on Android it always breaks with the error "auth/code-expired". Any idea how to fix? Also is there a way to just "verify" the number but not sign-in using it? I want to use LinkPhoneNumber() to link the phone number to the existing user which was created via email/pwd authentication, or in case the user changes his number, to use user.updatePhoneNumber() to update the registered phone number. Any hints on how to use your plugin to just send the OTP and verify it, and not create a new signin user with it?

Many thanks Chris

[vorkapps]

Update: I used the cfaSignInPhoneOnCodeReceived() callback in case the device is an android device, and the OTP verification is automatically done. But I need to link the phonenumber to the currently authenticated (via email/pwd) user. When I call the firebase.auth().currentUser.updatePhoneNumber(phonecredential) function to link them, I get the "auth/code-expired" error. The phoneCredential I pass to the updatePhoneNumber() function is created with cred = firebase.auth.PhoneAuthProvider.credential(verificationId, otpCode) that I get back from the cfaSignInPhoneOnCodeReceived() call back, but it seems that since the OTP is already verify, it cannot be used again. So how can I link the "two" users together so that the phone number on the authenticated user is updated?

[vorkapps]

Any help will be appreciated... thanks

[jdordoigne]

Same issue here. Firebase seems to create the user directly on android only and then it's impossible to link to the current user. It even switch the context of the current user on the js side with this new one.

Have you found a solution ?

[vorkapps]

I gave up on this. I'm using email/pwd authentication with firebase and I utilised a 3rd party SMS service on server-side and use firebase functions to generate an OTP and send it via SMS and then another function to verify the user-inputted OTP from the UISent from mobile. Please excuse any typos... :)On Mar 24, 2021 10:20, Kataross @.***> wrote: Same issue here. Firebase seems to create the user directly on android only and then it's impossible to link to the current user. It even switch the context of the current user on the js side with this new one. Have you found a solution ?

—You are receiving this because you authored the thread.Reply to this email directly, view it on GitHub, or unsubscribe.

[jdordoigne]

I'va made several tests and the issue is the current user is not logged from the native side, firebase will then create a new user and it will fail to associate the phone number to the existing user on the client side. A possible fix would be to expose a way to login user on the native side by passing credential information coming from client.

[vorkapps]

A local one in cyprus. But there are plentySent from mobile. Please excuse any typos... :)On Mar 24, 2021 10:29, Kataross @.***> wrote: I think the issue is the user is not authenticate on the native side. I'll try to explore this way. Which external provider have you finally used ?

—You are receiving this because you authored the thread.Reply to this email directly, view it on GitHub, or unsubscribe.

[jdordoigne]

In fact the issue is quite simple. On android the signIn function return validationCode and thus a new user is created (so there is no way to link to the existing account on client side). The fix is quite simple but changes the logic : https://github.com/baumblatt/capacitor-firebase-auth/pull/155