如何使用 Firebase 身份验证在用户注册过程中保存额外信息 [英] How to save extra info during user signup process using firebase authentication
问题描述
我正在构建一个网站,我在其中集成了用于登录/注册的 firebase 身份验证网站用户.
I'm building a website where I've integrated firebase authentication for login/signup of site users.
用户可以通过电子邮件密码或移动 OTP 方法登录/注册.我正在使用官方 firebase js Auth UI Widget:firebaseui-web 用于此身份验证过程.
Users can login/signup via either email-password or mobile OTP method. I'm using official firebase js Auth UI Widget: firebaseui-web for this authentication process.
在注册时,我还想获取其他用户详细信息,例如全名、性别、年龄等.
While signup, I also want to capture additional user details like full name, gender, age etc.
我在网上找到了两种方法:
I found 2 approaches on the web for this:
注册成功后将额外信息存储在 firestore 中.
Store extra info in firestore after successful signup.
这种方法的问题是我想成为一个原子事务.意味着,要么在注册过程中存储所有额外信息要么注册过程不应该成功.我不确定如何实现此流程,或者根本不知道是否可行.
Issue with this approach is I want to be it an atomic transaction. Means, either all the extra info should be stored during signup process or signup process shouldn't succeed. I'm not sure how to implement this flow or is it even possible at all.
在 firebase auth object 字段中存储额外信息就像在 displayName、photoURL 中使用 JSON.stringify/JSON.parse 方法一样.我正在使用他们的身份验证 UI 小部件,但不确定如何在电子邮件或移动 OTP 注册期间嵌入此信息.
Store extra info in firebase auth object field like in displayName, photoURL using JSON.stringify/JSON.parse method. I'm using their auth UI widget and not sure how to embed this info during email or mobile OTP signup.
那么,如何在注册过程中保存用户的额外信息?可能有什么不同的方法?
So, how to save extra info of user during signup process? Any different approach maybe?
网站托管在 firebase 托管上.站点使用 firestore 来存储用户的任何其他数据,因为 firebase auth 不提供此功能.我还为一些基本的 CRUD 操作实现了 firebase 云函数(Typescript、node.js).简而言之,就是一个完整的 Firebase 环境.
Website is hosted on firebase hosting. Site uses firestore for storing any additional data of users because firebase auth doesn't provide this functionality. I've also implemented firebase cloud functions (Typescript, node.js) for some basic CRUD operations. So in nutshell, a full firebase environment.
推荐答案
这是每个 firebase 用户都必须处理的问题.一般是怎么解决的?正如其他用户指出的那样,通过将额外的用户信息添加到 Firestore 来解决这个问题.你能保证原子性吗?不,你不能,auth 和 db 是两个不同的系统,你可以将用户添加到 auth 并在回调中发现你不能将用户添加到 db,因为你没有互联网连接.人们做什么?一般都住它.
This is something that every firebase user has to deal with. How is generally solved? As other users point out, it is solved by adding the extra user information into Firestore. Can you guarantee that atomiticy? No, you can't, auth and db are two different systems, you can add the user to auth and in the callback find out you cannot add the user to db because you dont have internet connection for instance. What people do? Generally live with it.
如果保证原子性是您的应用程序的基础,您可以加倍努力并在 firebase 函数中实现您的身份验证.例如,这是一个两步登录的例子:
If it is fundamental for your application to guarantee atomiticy you can go an extra mile and implement your authentication in a firebase function. For instance, this is an example of a two step sign in:
import { Request, Response } from "express";
import * as admin from 'firebase-admin'
export async function create(req: Request, res: Response) {
try {
const { displayName, password, email, role } = req.body
if (!displayName || !password || !email || !role) {
return res.status(400).send({ message: 'Missing fields' })
}
const { uid } = await admin.auth().createUser({
displayName,
password,
email
})
await admin.auth().setCustomUserClaims(uid, { role })
return res.status(201).send({ uid })
} catch (err) {
return handleError(res, err)
}
}
function handleError(res: Response, err: any) {
return res.status(500).send({ message: `${err.code} - ${err.message}` });
}
如果出现问题,您可以添加从 auth 中删除用户.这至少可以保证您的回滚代码将在 Google 服务器中执行.
You could add the user removal from auth if something goes wrong. This guarantees at least that your rollback code will be executed in the Google servers.
此代码示例摘自 https://www.toptal.com/firebase/role-based-firebase-authentication
这篇关于如何使用 Firebase 身份验证在用户注册过程中保存额外信息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
