While registering, implement RE into the controller such that only popular domains can be used:
For example --> @gmail.com, @outlook.com, @yahoo.com and so on.
Right now, the issue is the fact that firebase authservice only checks for @ and .com in the mail ID textfield. As a result, even an arbitrary login ID such as testing@testinger.com can login despite invalid domain. This rises from the fact that I had to disable email enumeration in Firebase Console in order for changes to reflect. This is very solvable.
Also create a return Dialog in case the above RE criteria is not met (you can look at the code for invalidAuth void function to mimic similar Dialog prompt behaviour.
nots1dd
commented
8 months ago
While registering, implement RE into the controller such that only popular domains can be used: For example -->
@gmail.com,@outlook.com,@yahoo.comand so on. Right now, the issue is the fact that firebase authservice only checks for@and.comin the mail ID textfield. As a result, even an arbitrary login ID such astesting@testinger.comcan login despite invalid domain. This rises from the fact that I had to disable email enumeration in Firebase Console in order for changes to reflect. This is very solvable. Also create a return Dialog in case the above RE criteria is not met (you can look at the code forinvalidAuthvoid function to mimic similar Dialog prompt behaviour.