An open-source e-commerce shop using React, Express, Firebase, and MongoDB. Designed for pandemic-relief and social good. The project is no longer actively maintained, but feel free to fork and use for your own purpose!
MIT License
26
stars
38
forks
source link
Better Error Message during the sign in process #13
It might be better to display more useful information that shows user has entered an invalid email or password Right now, we are simply using a pop-up window displaying a generic error message. This won't be helpful to user as they don't know which part of information they have entered wrong.
However, at the same time, we don't want to let them know whether they have entered the email or password wrong. That would a security vulnerability.
So overall, we should display a better error message (something like either your email or password is incorrect, and when the user doesn't type in either field, we want to display another kind of message). And the form shouldn't simply be a pop-up window, but maybe a new component that displays on the top of the screen.
Since the error will be thrown by Google firebase (we are calling their method signInWithEmailAndPassword), you might want to check the documentation on what errors the method throws and conditionally renders an error message depending on the error type.
It might be better to display more useful information that shows user has entered an invalid email or password Right now, we are simply using a pop-up window displaying a generic error message. This won't be helpful to user as they don't know which part of information they have entered wrong.
However, at the same time, we don't want to let them know whether they have entered the email or password wrong. That would a security vulnerability.
So overall, we should display a better error message (something like either your email or password is incorrect, and when the user doesn't type in either field, we want to display another kind of message). And the form shouldn't simply be a pop-up window, but maybe a new component that displays on the top of the screen.
Since the error will be thrown by Google firebase (we are calling their method
signInWithEmailAndPassword), you might want to check the documentation on what errors the method throws and conditionally renders an error message depending on the error type.Check out the documentation https://firebase.google.com/docs/reference/js/firebase.auth