This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(96, 49%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED%3C/text%3E%3C/svg%3E)
I do have an ASP.NET Core web api with an Angular frontend and I'm trying to use Facebook Login. Currently, I can successfully login using an angular social login module that I got from angularx-social-login and it returns token and some information about the facebook account. My problem right now is I'm trying to save the facebook credentials into my user store but received an error that I can't add the new facebook user as it doesn't have any password.
public async Task<ActionResult<UserDto>> Facebook([FromBody] FacebookAuthViewModel model)
{
var userInfoResponse = await Client.GetStringAsync(
$"https://graph.facebook.com/v2.8/me?fields=id,email,first_name,last_name,name,gender,locale,birthday,picture&access_token={model.AccessToken}");
var userInfo = JsonConvert.DeserializeObject<FacebookUserData>(userInfoResponse);
var user = await _userManager.FindByEmailAsync(userInfo.Email);
if (user == null)
{
var appUser = new AppUser
{
FirstName = userInfo.FirstName,
LastName = userInfo.LastName,
FacebookId = userInfo.Id,
Email = userInfo.Email,
UserName = userInfo.Email,
PictureUrl = userInfo.Picture.Data.Url
};
await _userManager.CreateAsync(appUser,
null);
}
var localUser = await _userManager.FindByNameAsync(userInfo.Email);
if (localUser == null)
{
return BadRequest(new ApiResponse(401, "Failed to create local user account."));
}
return new UserDto
{
DisplayName = localUser.DisplayName,
Token = _tokenService.CreateToken(localUser),
Email = localUser.Email,
};
}
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 61%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
while you can override the password policy, you can just use a dummy password.
what is the point of creating a user account? your server is just trusting that the client verified the facebook account, rather than verifying the facebook token itself.
The point of creating a user account is for assigning roles or for blocking/deleting the user in the future.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(73.60000000000001, 90%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EZL%3C/text%3E%3C/svg%3E)
Hi @DikongPrigm ,
To create a password and sign in using your email that you set during the sign in process with external providers:
Select the Hello <email alias> link at the top-right corner to navigate to the Manage view. Like this (in this sample, I'm using Microsoft login, after click the link the result as below):
Set a valid password and you can use this to sign in with your email.
More detail information, see Optionally set password.
If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Best regards,
Dillion