如何在Firebase身份验证中设置角色？ [英] How do I set up roles in firebase auth?

问题描述

我当前正在使用电子邮件和密码登录。但我希望能够为每个用户分配一个角色：管理员或用户。我已经读到这是通过使用自定义auth方法完成的，但是我发现文档尚不清楚无法通过电子邮件/密码验证来实现。

I am currently logging in with email and password. But I would like to be able to assign a role to each user: admin or user. I have read that this is done by using the custom auth method, but I find the docs not clear to implement with email/password authentication.

我该如何设置

我当前正在使用Firebase进行余烬 emberfire

I am currently using firebase for ember emberfire

更新：

文档参考： https://www.firebase.com/docs/web/guide/login/custom.html

推荐答案

Firebase刚刚通过ID令牌上的自定义用户声明，开始支持任何用户的基于角色的访问： https://firebase.google.com/docs/auth/admin/custom-claims

Firebase just launched support for role based access on any user via custom user claims on the ID token: https://firebase.google.com/docs/auth/admin/custom-claims

您将定义管理员访问规则：

You would define the admin access rule:

{
  "rules": {
    "adminContent": {
      ".read": "auth.token.admin === true",
      ".write": "auth.token.admin === true",
    }
  }
}

使用Admin SDK设置用户角色：

Set the user role with the Admin SDK:

// Set admin privilege on the user corresponding to uid.
admin.auth().setCustomUserClaims(uid, {admin: true}).then(() => {
  // The new custom claims will propagate to the user's ID token the
  // next time a new one is issued.
});

这将传播到相应用户的ID令牌声明中。

This will propagate to the corresponding user's ID token claims.

要从客户端上的令牌解析它，请检查： https://firebase.google.com/docs/auth/admin/custom-claims#access_custom_claims_on_the_client

To parse it from the token on the client, check: https://firebase.google.com/docs/auth/admin/custom-claims#access_custom_claims_on_the_client

这篇关于如何在Firebase身份验证中设置角色？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！