-
-
Notifications
You must be signed in to change notification settings - Fork 437
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
User can still log into the dashboard with invalid login credentials #4
Comments
I am wondering if you added "exact " for the "/" route |
Yeah, I did. |
Does it not show the alert which says 'Failed to login' or something similar? Because I do not get the alert, and there's an uncaught It looks like the |
I've figured out a solution here, it's basically to add the Here's my AuthContext.js file:import { createContext, useState, useEffect } from 'react';
import { auth } from '../firebaseConfig';
export const AuthContext = createContext();
export const AuthProvider = ({ children }) => {
const [currentUser, setCurrentUser] = useState();
const [loading, setLoading] = useState(true);
const [error, setError] = useState('');
useEffect(() => {
const unsubscribe = auth.onAuthStateChanged((user) => {
setCurrentUser(user);
setLoading(false);
});
return unsubscribe;
}, []);
const signup = (email, password) => {
auth.createUserWithEmailAndPassword(email, password);
};
const login = (email, password) => {
auth
.signInWithEmailAndPassword(email, password)
.then((userCredential) => {
//signed in!
setLoading(false);
})
.catch((err) => {
//error
setLoading(false);
setError(err.message);
});
};
const value = {
currentUser,
loading,
error,
signup,
login,
};
return (
<AuthContext.Provider value={value}>
{!loading && children}
</AuthContext.Provider>
);
}; Here's a snippet of the submit event on the form: const { login, error, loading } = useContext(AuthContext);
const history = useHistory();
const handleSubmit = async (e) => {
e.preventDefault();
await login(emailRef.current.value, passwordRef.current.value);
if (!loading && !error) {
history.push('/');
}
}; This displays the error that firebase sends in case we enter a wrong password during login, thus prevent the user to route to the homepage. It also prevents the user from routing to the homepage if there are multiple invalid password attempts! All this info is shown in the Edit: I believe this should be done with all other async firebase functions as well, i.e, for sign-up, logout, etc. |
Hey Kyle, I did the same thing you did on this project and I noticed that the moment I add the history.push('/') line beneath the login function, it allows users login even if the login credential is invalid.
async function handleSubmit(e) {
e.preventDefault()
}
The text was updated successfully, but these errors were encountered: