flutterfirebasedartfirebase-authentication

The supplied auth credential is incorrect, malformed or has expired

I'm getting this error message when I try to test the signin page:

Initial task failed for action RecaptchaAction(action=signInWithPassword)with exception - The supplied auth credential is incorrect, malformed, or has expired.

I'm getting the same error, even when entering the wrong email or password. I've handled the FirebaseAuthException and tried to show message in the snackbar,also printing the exception message. but nothing happens.

Here are my codes:

Sig-in code

sigin(String signinEmail, String signinPassword,
    BuildContext context) async {
  try {
    await FirebaseAuth.instance.signInWithEmailAndPassword(
        email: signinEmail, password: signinPassword);

    if (!context.mounted) return;
    Navigator.push(context,
        MaterialPageRoute(builder: (context) => const HomePage()));
  } on FirebaseAuthException catch (e) {
    if (e.code == 'invalid-email') {
      showSnackbarMessage(context, 'Invalid Email');
        print('Firebase Authentication Exception: ${e.code}/////////////');

    } else if (e.code == 'user-not-found') {
      showSnackbarMessage(context, 'User not found for this Email');
        print('Firebase Authentication Exception: ${e.code}/////////////');

    } else if (e.code == 'wrong-password') {
      showSnackbarMessage(context, 'Wrong Password');
        print('Firebase Authentication Exception: ${e.code}/////////////');

    }
  } catch (e) {
    showSnackbarMessage(context, 'Unexpected error during sign-in: $e');
      print('Firebase Authentication Exception: $e/////////////');

  }
}

Custom snackbar code

void showSnackbarMessage(BuildContext context, String message) {
  ScaffoldMessenger.of(context).showSnackBar(
    SnackBar(
      content: Text(message),
      backgroundColor: Colors.red,
      duration: const Duration(seconds: 3),
      behavior: SnackBarBehavior.floating,
       margin: const EdgeInsets.only(bottom: 600,right: 20,left: 20),
    ),
  );
}

Please solve the issue.

Solution

  • In projects created since September 15, 2023 - the setting to protect against email enumeration attacks is enabled by default. With that setting enabled, you'll never get 'user-not-found and wrong-password response codes anymore, as those would leak information about the existence of the email address in the project.

    You will either have to handle the new, more generic error code you are getting - or alternatively, you can disable the protection against email enumeration attacks.

    Also see: