I am using Hasura with Firebase and Flutter. When a password-less login/signup link is sent to the user for the first time, I need to intercept the account creation process to add some custom claims before they are automatically logged in. If they are automatically logged in then the custom claims won't be present and permissions will be incorrect.
Is it possible to have a custom Firebase function that I could call to create a "password less" account with the custom claims before I process the magic link? The only call I can see is createUserWithEmailAndPassword
which is not the right method...
Another option (less attractive) is to process the link using signInWithEmailLink()
, apply the claims to the account using a firebase function, then force a new token (which will have the new claims) via _firebaseAuth.currentUser.getIdTokenResult(true)
.... would an onAuthStateChanged
be triggered on a forced token refresh?
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…