如何根据我的实时数据库和OTP验证来验证用户?
如何根据我的实时数据库和OTP验证来验证用户?
提问于 2018-03-16 14:13:40
我已经在Android Studio中创建了一个Android应用程序,并将其与Firebase实时数据库相链接。我已经使用Firebase的电话身份验证和通知服务将OTP发送到CUG电话号码。然后验证它(代码如下所示)。
public class PhoneLogin extends AppCompatActivity {
private static final String TAG = "PhoneLogin";
private boolean mVerificationInProgress = false;
private String mVerificationId;
private PhoneAuthProvider.ForceResendingToken mResendToken;
private PhoneAuthProvider.OnVerificationStateChangedCallbacks mCallbacks;
private FirebaseAuth mAuth;
TextView t1,t2;
ImageView i1;
EditText e1,e2;
Button b1,b2;
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_phone_login);
e1 = (EditText) findViewById(R.id.Phonenoedittext); //Enter Phone no.
b1 = (Button) findViewById(R.id.PhoneVerify); //Send OTP button
t1 = (TextView)findViewById(R.id.textView2Phone); //Telling user to enter phone no.
i1 = (ImageView)findViewById(R.id.imageView2Phone); //Phone icon
e2 = (EditText) findViewById(R.id.OTPeditText); //Enter OTP
b2 = (Button)findViewById(R.id.OTPVERIFY); //Verify OTP button
t2 = (TextView)findViewById(R.id.textViewVerified); //Telling user to enter otp
mAuth = FirebaseAuth.getInstance();
mCallbacks = new PhoneAuthProvider.OnVerificationStateChangedCallbacks() {
@Override
public void onVerificationCompleted(PhoneAuthCredential credential) {
// Log.d(TAG, "onVerificationCompleted:" + credential);
mVerificationInProgress = false;
Toast.makeText(PhoneLogin.this,"Verification Complete",Toast.LENGTH_SHORT).show();
signInWithPhoneAuthCredential(credential);
}
@Override
public void onVerificationFailed(FirebaseException e) {
// Log.w(TAG, "onVerificationFailed", e);
Toast.makeText(PhoneLogin.this,"Verification Failed",Toast.LENGTH_SHORT).show();
if (e instanceof FirebaseAuthInvalidCredentialsException) {
// Invalid request
Toast.makeText(PhoneLogin.this,"InValid Phone Number",Toast.LENGTH_SHORT).show();
// ...
} else if (e instanceof FirebaseTooManyRequestsException) {
}
}
@Override
public void onCodeSent(String verificationId,
PhoneAuthProvider.ForceResendingToken token) {
// Log.d(TAG, "onCodeSent:" + verificationId);
Toast.makeText(PhoneLogin.this,"Verification code has been sent",Toast.LENGTH_SHORT).show();
// Save verification ID and resending token so we can use them later
mVerificationId = verificationId;
mResendToken = token;
e1.setVisibility(View.GONE);
b1.setVisibility(View.GONE);
t1.setVisibility(View.GONE);
i1.setVisibility(View.GONE);
t2.setVisibility(View.VISIBLE);
e2.setVisibility(View.VISIBLE);
b2.setVisibility(View.VISIBLE);
// ...
}
};
b1.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
PhoneAuthProvider.getInstance().verifyPhoneNumber(
e1.getText().toString(),
60,
java.util.concurrent.TimeUnit.SECONDS,
PhoneLogin.this,
mCallbacks);
}
});
b2.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
PhoneAuthCredential credential = PhoneAuthProvider.getCredential(mVerificationId, e2.getText().toString());
// [END verify_with_code]
signInWithPhoneAuthCredential(credential);
}
});
}
private void signInWithPhoneAuthCredential(PhoneAuthCredential credential) {
mAuth.signInWithCredential(credential)
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
@Override
public void onComplete(@NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
// Log.d(TAG, "signInWithCredential:success");
startActivity(new Intent(PhoneLogin.this,NavigationDrawer.class));
Toast.makeText(PhoneLogin.this,"Verification Done",Toast.LENGTH_SHORT).show();
// ...
} else {
// Log.w(TAG, "signInWithCredential:failure", task.getException());
if (task.getException() instanceof FirebaseAuthInvalidCredentialsException) {
// The verification code entered was invalid
Toast.makeText(PhoneLogin.this,"Invalid Verification",Toast.LENGTH_SHORT).show();
}
}
}
});
}
}现在我想添加另一个验证,即输入的CUG编号。存在于我的数据库中,那么应该只进行OTP身份验证。我的数据库如下所示:
访问这个数据库的代码可能是
DatabaseReference rootRef = FirebaseDatabase.getInstance().getReference();
DatabaseReference phoneNumberRef =
rootRef.child("Employees").child(PhoneNumberenteredByUser);
ValueEventListener eventListener = new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
if(dataSnapshot.exists()) {
//do something
} else {
//do something else
}
}
@Override
public void onCancelled(DatabaseError databaseError) {}
};
phoneNumberRef.addListenerForSingleValueEvent(eventListener);此外,当我看到Firebase实时数据库的规则时,我注意到它不应该被保留为公共的,但如果我需要保持它的私密性,那么用户应该首先进行身份验证,所以我是否需要首先通过OTP对用户进行身份验证,然后检查用户CUG否。存在于我的数据库中?
验证任何编号的编辑代码。即使它不在我的数据库里:
public class PhoneLogin extends AppCompatActivity {
private static final String TAG = "PhoneLogin";
private boolean mVerificationInProgress = false;
private String mVerificationId;
private PhoneAuthProvider.ForceResendingToken mResendToken;
private PhoneAuthProvider.OnVerificationStateChangedCallbacks mCallbacks;
private FirebaseAuth mAuth;
TextView t1,t2;
ImageView i1;
EditText e1,e2;
Button b1,b2;
//DBA1
private DatabaseReference rootRef = FirebaseDatabase.getInstance().getReference();
private DatabaseReference phoneNumberRef;
String mobno;
//DBA1 End
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_phone_login);
e1 = (EditText) findViewById(R.id.Phonenoedittext);
b1 = (Button) findViewById(R.id.PhoneVerify);
t1 = (TextView) findViewById(R.id.textView2Phone);
i1 = (ImageView) findViewById(R.id.imageView2Phone);
e2 = (EditText) findViewById(R.id.OTPeditText);
b2 = (Button) findViewById(R.id.OTPVERIFY);
t2 = (TextView) findViewById(R.id.textViewVerified);
mobno=e1.getText().toString();
//DBA2
phoneNumberRef = rootRef.child("Employees").child(mobno);
ValueEventListener eventListener = new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
if (dataSnapshot.exists()) {
mAuth = FirebaseAuth.getInstance();
mCallbacks = new PhoneAuthProvider.OnVerificationStateChangedCallbacks() {
@Override
public void onVerificationCompleted(PhoneAuthCredential credential) {
// Log.d(TAG, "onVerificationCompleted:" + credential);
mVerificationInProgress = false;
Toast.makeText(PhoneLogin.this,"Verification Complete",Toast.LENGTH_SHORT).show();
signInWithPhoneAuthCredential(credential);
}
@Override
public void onVerificationFailed(FirebaseException e) {
// Log.w(TAG, "onVerificationFailed", e);
Toast.makeText(PhoneLogin.this,"Verification Failed",Toast.LENGTH_SHORT).show();
if (e instanceof FirebaseAuthInvalidCredentialsException) {
// Invalid request
Toast.makeText(PhoneLogin.this,"InValid Phone Number",Toast.LENGTH_SHORT).show();
// ...
} else if (e instanceof FirebaseTooManyRequestsException) {
}
}
@Override
public void onCodeSent(String verificationId,
PhoneAuthProvider.ForceResendingToken token) {
// Log.d(TAG, "onCodeSent:" + verificationId);
Toast.makeText(PhoneLogin.this,"Verification code has been sent",Toast.LENGTH_SHORT).show();
// Save verification ID and resending token so we can use them later
mVerificationId = verificationId;
mResendToken = token;
e1.setVisibility(View.GONE);
b1.setVisibility(View.GONE);
t1.setVisibility(View.GONE);
i1.setVisibility(View.GONE);
t2.setVisibility(View.VISIBLE);
e2.setVisibility(View.VISIBLE);
b2.setVisibility(View.VISIBLE);
// ...
}
};
b1.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
PhoneAuthProvider.getInstance().verifyPhoneNumber(
e1.getText().toString(),
60,
java.util.concurrent.TimeUnit.SECONDS,
PhoneLogin.this,
mCallbacks);
}
});
b2.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
PhoneAuthCredential credential = PhoneAuthProvider.getCredential(mVerificationId, e2.getText().toString());
// [END verify_with_code]
signInWithPhoneAuthCredential(credential);
}
});
} else {
Toast.makeText(getApplicationContext(),"Incorrect CUG",Toast.LENGTH_SHORT).show();
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
}
};
phoneNumberRef.addListenerForSingleValueEvent(eventListener);
//DBA2 End
}
private void signInWithPhoneAuthCredential(PhoneAuthCredential credential) {
mAuth.signInWithCredential(credential)
.addOnCompleteListener(this, new OnCompleteListener<AuthResult>() {
@Override
public void onComplete(@NonNull Task<AuthResult> task) {
if (task.isSuccessful()) {
startActivity(new Intent(PhoneLogin.this,NavigationDrawer.class));
Toast.makeText(PhoneLogin.this,"Verification Done",Toast.LENGTH_SHORT).show();
// Log.d(TAG, "signInWithCredential:success");
//startActivity(new Intent(PhoneLogin.this,NavigationDrawer.class));
Toast.makeText(PhoneLogin.this,"Verification Done",Toast.LENGTH_SHORT).show();
// ...
} else {
// Log.w(TAG, "signInWithCredential:failure", task.getException());
if (task.getException() instanceof FirebaseAuthInvalidCredentialsException) {
// The verification code entered was invalid
Toast.makeText(PhoneLogin.this,"Invalid Verification",Toast.LENGTH_SHORT).show();
}
}
}
});
}
}回答 3
Stack Overflow用户
回答已采纳
发布于 2018-06-04 04:58:39
很简单,
编辑您的
b2.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
PhoneAuthCredential credential = PhoneAuthProvider.getCredential(mVerificationId, e2.getText().toString());
// [END verify_with_code]
signInWithPhoneAuthCredential(credential);
}
});通过以下方式:
b2.setOnClickListener(new View.OnClickListener() {
@Override
public void onClick(View v) {
//Write your database reference and check in the database for entered mobno.
rootRef.addListenerForSingleValueEvent(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
if(dataSnapshot.child(mobno).exists()){
PhoneAuthCredential credential = PhoneAuthProvider.getCredential(mVerificationId, e2.getText().toString());
// [END verify_with_code]
signInWithPhoneAuthCredential(credential);
}
else{
Toast.makeText(PhoneLogin.this,"No such CUG No. found",Toast.LENGTH_SHORT).show();
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
}
});Stack Overflow用户
发布于 2018-03-16 17:27:36
我希望这能帮到你!我有过这样的场景,但我有一个变通的办法。首先,在向"Employees“添加数据时,可以使用userID让userId添加一个额外的节点。让我们试试这个
DatabaseReference rootRef=FirebaseDatabase.getInstance().getReference("Employees");
FirebaseAuth firebaseAuth;
FirebaseUser user=firebaseAuth.getInstance().getCurrentUser();
rootRef.child(user.getUid()).setValue(youModelClassObject);//rootRef is your database reference这意味着在添加到"Employees“中的每个用户上都会有一个包含其userID的节点。现在,当尝试访问数据库并检查是否可以在employees下找到已通过身份验证的userId时。我会这样做的..
rootRef.addValueEventListener(new ValueEventListener() {
@Override
public void onDataChange(DataSnapshot dataSnapshot) {
for(DataSnapshot ds : dataSnapshot.getChildren()) {
Object obj=ds.getKey(); //
Firebase user = firebaseAuth.getInstance().getCurrentUser();
String myId=user.getUid();
//Specify your model class here
ModelClass modelObject=new ModelClass();
if(Objects.equals(myId, obj.toString()))
{
//assuming you've set getters and setters in your model class
modelObject.setPhone(ds.getValue(ModelClass.class).getPhone());
String myDatabasePhone=modelObject.getPhone();
if (myDatabasePhone!=null)
{
//Now call the second OTP verification method and pass 'myDatabasePhone'
}
}else {
//User not found
//direct them to a signup Activy
}
}
}
@Override
public void onCancelled(DatabaseError databaseError) {
}
});`enter code here`Stack Overflow用户
发布于 2018-03-16 16:21:37
不,在您尝试验证用户身份时,您需要检查该用户是否存在。因此,您需要先检查,然后进行身份验证。您的代码看起来非常好。
关于规则,这是真的,它不应该公开。因此,只允许经过身份验证的用户在数据库中进行更改。
页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/49314285
复制相关文章
相似问题