Nativescript:如何在Firebase中以管理员身份登录和管理用户帐户 [英] Nativescript: How to login as an admin and manage user account in Firebase

问题描述

我正在努力寻找有关如何使用Firebase Admin服务来管理用户帐户(特别是从Firebase Auth中删除用户)的解决方案.

I am struggling to find a solution on how to use Firebase Admin services in order manage user account (remove user from Firebase Auth in particular).

此 nativescript-plugin-firebase 提供了对Firebase服务的所有可能调用，但是没有关于使用管理员权限管理用户的描述.也许有人遇到类似问题或可以共享解决方法?

This nativescript-plugin-firebase provides all possible calls to firebase services, however there is no description about managing users with admin privileges. Maybe someone had similar issues or could share a workaround?

推荐答案

在我的应用中，这是我的管理方式:

Here's how I manage this in my apps:

1. 我的用户具有管理员"，经理"等权限.

1. My users have permissions such as "admin", "manager", etc.

管理员"登录到应用程序后，他们可以通过应用程序界面添加，更新和删除其他用户

When an "admin" is logged in to the app, they can add, update, delete other users via the app's interface

这是通过将更改请求推送到实时数据库中的"updateUser"节点-否到数据库中的实际用户记录来完成的.确保Firebase规则仅允许管理员"用户写入此节点.

This is accomplished by pushing a change request to an "updateUser" node in the realtime database - NOT to the actual user record in the database. Be sure that Firebase rules only allow "admin" users to write to this node.

一旦创建了这个新节点，我将禁用表单并提交按钮，因此无法进行其他更改.然后，我让应用程序监听对以下内容的任何更改:

Once this new node is created, I disable the form and submit buttons so no more changes can be made. Then, I have the app listen for any changes to:

• 这个新创建的"updateUser"节点(类似于:updateUser/xkekek393kdkd)
• 实际的用户个人资料记录

我具有Firebase云功能，可监听对该"updateUser"节点的任何写入

I have a Firebase cloud function listening for any writes to that "updateUser" node

该函数触发时，它将使用admin-sdk对用户配置文件 AND 的Firebase身份验证帐户(电子邮件地址，密码等)进行实际更改.然后，admin-sdk使用以下状态更新"updateUser"节点:

When the function triggers, it uses the admin-sdk to perform the actual changes to the user profile AND their Firebase authentication account (email address, password, etc). Then, the admin-sdk, updates the "updateUser" node with a status like:

{
  status: "success",
  message: "User updated"
}

或

{
  status: "fail",
  message: "Email address already in use"
}

客户端应用检测到对"updateUser"节点的更改，并向用户提供操作已完成的反馈.

The client app detects that change to the "updateUser" node and provides feedback to the user that the operation is completed.

客户端应用程序还会检测到对真实用户配置文件节点的更改，并相应地更新UI.

The client app also detects changes to the real user profile node and updates the UI accordingly.

优势:

• 只有受信任的资源(Firebase云功能)有权访问管理员权限.

• Only a trusted resource (a Firebase cloud function) has access to admin privileges.

所有业务逻辑和验证都是在服务器端而不是客户端执行的.

All the business logic and validation is performed server-side instead of client-side.

这篇关于Nativescript:如何在Firebase中以管理员身份登录和管理用户帐户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！