To your first question, I haven't found a way around this. I've seen people post the same "problem" as far back as 2018:

I don't think there is a work-around.

To your second question, I managed to get a password-less/magic link authentication system going with a Chrome Extension.

It involved writing my own REST API server to dispense and handle password-less auth using JWT(JSON Web Tokens).

Basically, when the user clicked on the link in their e-mail, they were redirected to a URI of my REST server. Upon being redirected, I sent and embedded cookies within the browser; cookies of course, specific to my REST API's domain.

Then, my Chrome Extension would just look for those cookies, "log" the user in, and go from there.

I haven't tried Firebase's password-less functionality.

Learning to code…

Learning to code…