class LoginScreen extends StatefulWidget {
const LoginScreen({super.key});
@override
State<LoginScreen> createState() => _LoginScreenState();
}
class _LoginScreenState extends State<LoginScreen> {
/* -- login screen text controllers -- */
final emailController = TextEditingController();
final passwordController = TextEditingController();
/* -- login screen text controllers -- */
/* -- login user in method -- */
void loginUser() async {
try {
await FirebaseAuth.instance.signInWithEmailAndPassword(
email: emailController.text,
password: passwordController.text,
);
} on FirebaseAuthException catch (e) {
if (e.code == 'user-not-found' || e.code == 'invalid-email') {
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
backgroundColor: Theme.of(context).colorScheme.secondary,
content: Text(
tEmailIncorrect,
style: Theme.of(context).textTheme.bodyText1,
),
),
);
} else if (e.code == 'wrong-password') {
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
backgroundColor: Theme.of(context).colorScheme.secondary,
content: Text(
tPasswordIncorrect,
style: Theme.of(context).textTheme.bodyText1,
),
),
);
} else {
ScaffoldMessenger.of(context).showSnackBar(
SnackBar(
backgroundColor: Theme.of(context).colorScheme.secondary,
content: Text(
tEmailAndPasswordIncorrect, // Use the generic error message here
style: Theme.of(context).textTheme.bodyText1,
),
),
);
}
}
}
/* -- login user in method -- */
@override
Widget build(BuildContext context) {
return Scaffold(
/* -- Body -- */
body: SafeArea(
child: Center(
child: SingleChildScrollView(
child: Column(
mainAxisAlignment: MainAxisAlignment.center,
children: [
const SizedBox(
height: 50.0,
),
/* -- Logo -- */
Icon(
CupertinoIcons.lock_fill,
color: Theme.of(context).iconTheme.color,
size: 100.0,
),
/* -- Logo -- */
const SizedBox(
height: 50.0,
),
/* -- Welcome back, you have been missed -- */
Text(
tWelcomeBackYouHaveBeenMissed,
style: Theme.of(context).textTheme.bodyText1,
),
/* -- Welcome back, you have been missed -- */
const SizedBox(
height: 25.0,
),
/* -- Username textformfield -- */
MyTextFormField(
controller: emailController,
hintText: tEmail,
obscureText: false,
),
/* -- Username textformfield -- */
const SizedBox(
height: 10.0,
),
/* -- Password textformfield -- */
MyTextFormField(
controller: passwordController,
hintText: tPassword,
obscureText: true,
),
/* -- Password textformfield -- */
const SizedBox(
height: 10.0,
),
/* -- Forgot password -- */
Padding(
padding: const EdgeInsets.symmetric(horizontal: 25.0),
child: Row(
mainAxisAlignment: MainAxisAlignment.end,
children: [
Text(
tForgotPassword,
style: TextStyle(
color: Theme.of(context).textTheme.bodyText1!.color,
fontWeight: FontWeight.bold,
),
),
],
),
),
/* -- Forgot password -- */
const SizedBox(
height: 25.0,
),
/* -- Login button -- */
MyCustomButton(
buttonBackgroundColor: cBlueColor,
buttonText: tLogin,
buttonTextColor: cWhiteTextColor,
onTap: loginUser,
),
/* -- Login button -- */
const SizedBox(
height: 50.0,
),
/* -- Or continue with -- */
Padding(
padding: const EdgeInsets.symmetric(horizontal: 25.0),
child: Row(
children: [
const Expanded(
child: Divider(),
),
Padding(
padding: const EdgeInsets.symmetric(horizontal: 10.0),
child: Text(
tOrContinueWith,
style: Theme.of(context).textTheme.bodyText1,
),
),
const Expanded(
child: Divider(),
),
],
),
),
/* -- Or continue with -- */
const SizedBox(
height: 25.0,
),
/* -- Google + facebook + apple + twitter login buttons -- */
const Row(
mainAxisAlignment: MainAxisAlignment.center,
children: [
// google
SquareTile(imagePath: iGoogleLogoImage),
SizedBox(
width: 10.0,
),
// facebook
SquareTile(imagePath: iFacebookLogoImage),
SizedBox(
width: 10.0,
),
// apple
SquareTile(imagePath: iAppleLogoImage),
SizedBox(
width: 10.0,
),
// x
SquareTile(imagePath: iXLogoImage),
],
),
/* -- Google + facebook + apple + twitter login buttons -- */
const SizedBox(
height: 50.0,
),
/* -- Don't you have an account? + register now text -- */
Row(
mainAxisAlignment: MainAxisAlignment.center,
children: [
Text(
tDontYouHaveAnAccount,
style: Theme.of(context).textTheme.bodyText1,
),
const SizedBox(
width: 10.0,
),
Text(
tRegisterNow,
style: Theme.of(context).textTheme.headline5,
),
],
),
/* -- Don't you have an account? + register now text -- */
],
),
),
),
),
/* -- Body -- */
);
}
}
The problem I am facing is :
I have developed a user login form. However, even when only the email part is entered incorrectly, I get the message "both your email address and password are incorrect". When the email is entered incorrectly, I want to get a message that only the email address is incorrect.
The solution I was waiting for:
When an e-mail address is entered incorrectly, the user should only be shown an error message that the e-mail address is incorrect. Similarly, if the password is entered incorrectly, only the password error message should be shown.
The event that took place :
Currently, the message "both your email address and password are incorrect" is shown, even when only the email is entered incorrectly.
On projects created since September 2023, Firebase auto-enables its protection against email enumeration attacks. This changes the behavior of many APIs, including the signInWithEmailAndPassword you're calling. Specifically, the APIs will no longer will return 'user-not-found' errors - as those are what makes email enumeration attacks possible. So that's why your code falls through to the else block.
You will either have to disable the protection against email enumeration attacks, or no longer distinguish between these cases in your code.