使用Firebase创建手机号码身份验证

Question

目前，Firebase网站上的选项将您限制为通过Facebook或个人电子邮件等对用户进行身份验证的预先包装解决方案。我希望允许用户使用他们的手机号码进行登录和身份验证，就像Snapchat允许的一样。

是否有预包装的解决方案？这如何构建出来？

Answer 1

目前不支持。电话号码认证是隐私，安全和产品角度实施的棘手功能。也就是说，如果你想构建它，你将不得不实现你自己的机制，使用Twilio这样的服务向用户发送带有唯一短命代码（对应于特定电话号码的分配uid）的SMS消息。您还必须防止尝试模拟您的应用（在3个受支持的平台中）并诱骗用户将SMS代码输入到其应用中的应用的钓鱼攻击。更不用说你必须防止滥用（恶意用户从你的应用发送短信）。最后，当用户兑换SMS代码时，您可以返回客户端的Firebase管理员sdk和signInWithCustomToken当前支持的自定义令牌（与分配的uid关联），从而完成登录过程。这仍然是这个问题的过于简单化。我建议您在Firebase Google论坛中申请该功能。

Answer 2

这是可能的。但目前只适用于iOS/Web。 Android的实施也应尽快完成。检查Firebase文档。 https://firebase.google.com/docs/auth/web/phone-auth

Answer 3

现在手机权威性是firebase.Here可以是使用火力地堡代码电话验证：

EditText phoneNum,Code;// two edit text one for enter phone number other for enter OTP code 
Button sent_,Verify; // sent button to request for verification and verify is for to verify code 
private PhoneAuthProvider.ForceResendingToken mResendToken; 
private PhoneAuthProvider.OnVerificationStateChangedCallbacks mCallbacks; 
private FirebaseAuth mAuth; 
private String mVerificationId; 

@Override 
protected void onCreate(Bundle savedInstanceState) { 
    super.onCreate(savedInstanceState); 
    setContentView(R.layout.activity_phone_number_auth);// layout 


    phoneNum =(EditText) findViewById(R.id.fn_num); 
    Code =(EditText) findViewById(R.id.code); 

    sent_ =(Button)findViewById(R.id.sent_nu); 
    Verify =(Button)findViewById(R.id.verify); 

    callback_verificvation();     ///function initialization 

    mAuth = FirebaseAuth.getInstance(); 


    sent_.setOnClickListener(new View.OnClickListener() { 
     @Override 
     public void onClick(View v) { 
      String num=phoneNum.getText().toString(); 
      startPhoneNumberVerification(num);   // call function for receive OTP 6 digit code 
     } 
    }); 
    Verify.setOnClickListener(new View.OnClickListener() { 
     @Override 
     public void onClick(View v) { 
      String code=Code.getText().toString(); 
      verifyPhoneNumberWithCode(mVerificationId,code);  //call function for verify code 

     } 
    }); 
} 

private void startPhoneNumberVerification(String phoneNumber) { 
    // [START start_phone_auth] 
    PhoneAuthProvider.getInstance().verifyPhoneNumber(
      phoneNumber,  // Phone number to verify 
      60,     // Timeout duration 
      TimeUnit.SECONDS, // Unit of timeout 
      this,    // Activity (for callback binding) 
      mCallbacks);  // OnVerificationStateChangedCallbacks 
    // [END start_phone_auth] 


} 

private void signInWithPhoneAuthCredential(PhoneAuthCredential credential) { 
    mAuth.signInWithCredential(credential) 
      .addOnCompleteListener(this, new OnCompleteListener<AuthResult>() { 
       @Override 
       public void onComplete(@NonNull Task<AuthResult> task) { 
        if (task.isSuccessful()) { 
         // Sign in success, update UI with the signed-in user's information 

         FirebaseUser user = task.getResult().getUser(); 
         Toast.makeText(getApplicationContext(), "sign in successfull", Toast.LENGTH_SHORT).show(); 
         // [START_EXCLUDE] 


        } else { 
         // Sign in failed, display a message and update the UI 

         if (task.getException() instanceof FirebaseAuthInvalidCredentialsException) { 
          // The verification code entered was invalid 

         } 

        } 
       } 
      }); 
} 
private void verifyPhoneNumberWithCode(String verificationId, String code) { 
    // [START verify_with_code] 
    PhoneAuthCredential credential = PhoneAuthProvider.getCredential(verificationId, code); 
    // [END verify_with_code] 
    signInWithPhoneAuthCredential(credential); 
} 


private void callback_verificvation() { 

    mCallbacks = new PhoneAuthProvider.OnVerificationStateChangedCallbacks() { 

     @Override 
     public void onVerificationCompleted(PhoneAuthCredential credential) { 
      // This callback will be invoked in two situations: 
      // 1 - Instant verification. In some cases the phone number can be instantly 
      //  verified without needing to send or enter a verification code. 
      // 2 - Auto-retrieval. On some devices Google Play services can automatically 
      //  detect the incoming verification SMS and perform verificaiton without 
      //  user action. 
      // [START_EXCLUDE silent] 


      // [START_EXCLUDE silent] 

      signInWithPhoneAuthCredential(credential); 
     } 

     @Override 
     public void onVerificationFailed(FirebaseException e) { 
      // This callback is invoked in an invalid request for verification is made, 
      // for instance if the the phone number format is not valid. 
      // [START_EXCLUDE silent] 


      if (e instanceof FirebaseAuthInvalidCredentialsException) { 
       // Invalid request 


       // [END_EXCLUDE] 
      } else if (e instanceof FirebaseTooManyRequestsException) { 
       // The SMS quota for the project has been exceeded 

      } 


     } 

     @Override 
     public void onCodeSent(String verificationId, 
           PhoneAuthProvider.ForceResendingToken token) { 
      // The SMS verification code has been sent to the provided phone number, we 
      // now need to ask the user to enter the code and then construct a credential 
      // by combining the code with a verification ID. 


      // Save verification ID and resending token so we can use them later 
      mVerificationId = verificationId; 
      mResendToken = token; 


     } 
    };