你怎么美元的火力地堡p $ pvent重复的用户属性? [英] How do you prevent duplicate user properties in Firebase?
问题描述
我用 FirebaseSimpleLogin 以创建用户和处理身份验证。
I'm Using FirebaseSimpleLogin to create users and handle authentication.
当我尝试创建通过 $的createUser()方法简单的登录的新用户,如果电子邮件地址已经被使用火力不会造成用户。不过,我也使用 $集()我创建的用户保存到我的火力点后,我创造他们和我使用 user.uid 的关键。当试图写入数据库,火力会保存记录,即使因为只有电子邮件地址和密码都需要简单的登录用户名不是唯一的。那么,如何可以验证用户名时,它不被使用为重点,以用户对象是唯一的?
When I try and create a new user with simple login via the $createUser() method, firebase won't create the user if the email address has already been used. However, I am also using $set() to save my created users to my firebase after I create them and I am using user.uid as the key. When trying to write to the database, firebase will save the record even if the username is not unique since only email and password are required for simple login. So how can I validate a username to be unique when it is not being used as the key to the user object?
我创建新用户是这样的:
I'm creating new users like this:
$scope.createUser = function() {
$scope.auth.$createUser('trinker@gmail.com', 'password').then(function(user, err) {
if (!err) {
ref.child('users/' + user.uid).set({
email: user.email,
username: user.username
});
console.log("success!");
}else{
console.log(err.message);
}
});
}
和我的用户对象是这样的:
And my user object looks like this:
{
"users" : {
"simplelogin:28" : {
"email" : "trinker@gmail.com",
"username" : "jtrinker"
},
"simplelogin:30" : {
"email" : "test@gmail.com",
"username" : "jtrinker"
}
}
}
}
我需要使用uid作为每个用户的关键,但我仍然需要的用户名是唯一的。
I need to use the uid as the key for each user, but I still need the username to be unique.
我如何我可以从保存记录的,如果一个对象的属性内不是唯一一个不同的对象里面的属性prevent火力点?
How can I can I prevent firebase from saving records if properties within one object are not unique to properties inside a different object?
推荐答案
首先,如果用户已经拥有了用户名,它是独一无二的,这是不打算走开,我建议你放弃了使用简单的登录 UID 秒。这将创造什么,但试图来回翻转两者之间,因为你已经在这里发现的问题。调查创建自己的标记与像的: //github.com/Rigidflame/firebase-passport-login\">firebase-passport-login 然后保存记录用户名。
First of all, if users already have a username, it's unique, and this is not going to go away, I'd recommend that you give up on using simple login uids. This is going to create nothing but issues trying to flip back and forth between the two, as you've already discovered here. Investigate creating your own tokens with a tool like firebase-passport-login and then store the records by username.
但是,因为这不是你的问题,让我们解决,虽然我们在这里,因为你可能想继续前进,进入,通过它我已经通过很多次的双重身份的棘手荆棘。
But since that wasn't your question, let's resolve that while we're here, since you may want to go ahead and enter the thorny briar of dual identities through which I have passed many times.
为了使用户名唯一的,存储用户名的索引。
To make the username unique, store an index of usernames.
/用户/ $用户名/用户名/ $的用户名
/用户名/ $的用户名/用户ID $
/users/$userid/username/$username /usernames/$username/$userid
要确保它们是唯一的,在用户名/路径的用户ID,以确保只有一个用户可以为每个用户名进行分配,如下增加一个安全规则,该值是用户的ID:
To ensure they are unique, add a security rule as follows on the user id in usernames/ path, which ensures only one user can be assigned per username and that the value is the user's id:
".write": "newData.val() === auth.uid && !data.exists()"
现在强制加入以下的用户名在用户/记录它们匹配:
Now enforce that they match by adding the following to the username in the users/ record:
"users": {
"$userid": {
"username": {
".validate": "root.child('usernames/'+newData.val()).val() === $userid"
}
}
}
这将确保ID是唯一的。小心读取权限。你可能想避免这些完全是因为你不想让任何人仰视的私人电子邮件或用户名也。 喜欢的东西我支持展示了拯救这些将是理想的。
This will ensure the ids are unique. Be careful with read privileges. You may want to avoid those entirely since you don't want anyone looking up private emails or usernames. Something like I demonstrated in support for saving these would be ideal.
这里的想法是,你尝试分配的用户名和电子邮件,如果他们失败,那么他们已经存在并且属于其他用户。否则,你将它们插入到用户记录,现在有用户通过用户号和电子邮件进行索引。
The idea here is that you try to assign the username and email, if they fail, then they already exist and belong to another user. Otherwise, you insert them into the user record and now have users indexed by uid and email.
要符合SO协议,这里是从要旨code,这是通过链接更好地阅读:
To comply with SO protocol, here's the code from that gist, which is better read via the link:
var fb = new Firebase(URL);
function escapeEmail(email) {
return email.replace('.', ',');
}
function claimEmail(userId, email, next) {
fb.child('email_lookup').child(escapeEmail(email)).set(userId, function(err) {
if( err ) { throw new Error('email already taken'); }
next();
});
}
function claimUsername(userId, username, next) {
fb.child('username_lookup').child(username).set(userId, function(err) {
if( err ) { throw new Error('username already taken'); }
next();
});
}
function createUser(userId, data) {
claimEmail(userId, data.email, claimUsername.bind(null, userId, data.username, function() {
fb.child('users').child(userId).set(data);
);
}
和规则:
{
"rules": {
"users": {
"$user": {
"username": {
".validate": "root.child('username_lookup/'+newData.val()).val() === auth.uid"
},
"email": {
".validate": "root.child('email_lookup').child(newData.val().replace('.', ',')).val() === auth.uid"
}
}
},
"email_lookup": {
"$email": {
// not readable, cannot get a list of emails!
// can only write if this email is not already in the db
".write": "!data.exists()",
// can only write my own uid into this index
".validate": "newData.val() === auth.uid"
}
},
"username_lookup": {
"$username": {
// not readable, cannot get a list of usernames!
// can only write if this username is not already in the db
".write": "!data.exists()",
// can only write my own uid into this index
".validate": "newData.val() === auth.uid"
}
},
}
}
这篇关于你怎么美元的火力地堡p $ pvent重复的用户属性?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
