Calling Firebase `validatePassword` outside of an Injection context

Question

Calling Firebase `validatePassword` outside of an Injection context

rgant opened this issue 10 months ago · 3 comments

Is the running outside of injection context warning legitimate when using validatePassword?

My code:

import { EnvironmentInjector, inject, runInInjectionContext } from '@angular/core';
import { Auth, validatePassword } from '@angular/fire/auth';
import type { PasswordValidationStatus } from '@angular/fire/auth';
import type { AbstractControl, AsyncValidatorFn, ValidationErrors } from '@angular/forms';

import { getPasswordControlValue } from './util';

/**
 * Validate against the Firebase Project Authentication Password Policy.
 *
 * Note: at this time there is no actual need for this because the policy only enforces length and
 * other Validators already check for that. However it is nice to know how to do this.
 */
export const passwordFirebaseValidator = (): AsyncValidatorFn => {
  const auth: Auth = inject(Auth);
  const environmentInjector = inject(EnvironmentInjector);

  return async (control: AbstractControl<unknown>): Promise<ValidationErrors | null> => {
    const value = getPasswordControlValue(control);

    // Like Validators.email, rely on Validators.required to check for blank passwords.
    if (value == undefined) {
      return null; // eslint-disable-line unicorn/no-null -- ValidatorFn returns null
    }

    const { passwordPolicy: _, ...status } = await runInInjectionContext(
      environmentInjector,
      async (): Promise<PasswordValidationStatus> => validatePassword(auth, value),
    );

    return status.isValid ? null : { firebasevalidator: status }; // eslint-disable-line unicorn/no-null
  };
};

I added EnvironmentInjector and runInInjectionContext and that got rid of the warning, but is all this necessary? It would be nice if validation was simplier.

Answer 1 · 2025-01-22T00:18:38.000Z

This issue does not seem to follow the issue template. Make sure you provide all the required information.

Answer 2 · 2025-01-22T03:53:45.000Z

I'll look into reducing the log verbosity of the validate method, it shouldn't be necessary to be in an injection context for every single API but AngularFire can't guarantee stability without it.

Answer 3 · 2025-01-22T14:44:58.000Z

I'm trying to create a demonstration app illustrating Angular, Firebase, and best practices. And I am running into this warning a bunch. So is there a better way to do things like this that I am missing?

For example the signOut modular method. I'm doing something quite similar to what is shown in this repo. And getting this same warning. So if there is a better way, I would love to use it now before I implement everything wrongly.