具有列入白名单的电子邮件地址的Firebase身份验证 [英] Firebase Authentication with whitelisted email addresses

问题描述

假设有教师/学生的情景，什么是处理电子邮件邀请"的好方法?

Assuming a teacher/student scenario what would be a good way to handle 'email invitations'?

使用CSV上传功能，我想创建用户或电子邮件白名单，以限制其他所有人(未邀请)创建帐户.

Using a CSV upload I would like to create users or a whitelist of emails that will restrict everyone else (not invited) from creating an account.

我是否应该创建自己的登录表单，该表单将首先检查白名单，然后创建用户?

Should I create my own login form that will check the whitelist first and then create the user?

是否存在某些类型的BeforeAuth挂钩?大声笑.

Is there some type of BeforeAuth hook? LOL.

推荐答案

我建议使用附加云功能给用户创建事件.如果用户与白名单上的用户匹配，请设置自定义用户声明(最近才发布！)

What I'd recommend is to separate the auth from the access by using Custom Claims. Allow any one to create a user, but attach a Cloud Function to the user create event. If the user matches one on the white list, set a custom user claim (this just launched recently!)

最后，在您的规则中，在授予对数据的访问权限之前检查该use属性:

Finally, in your rules, check for that use property before giving access to the data:

{
  "rules": {
    "adminContent": {
      ".read": "auth.token.admin === true",
      ".write": "auth.token.admin === true",
    }
  }
}

这篇关于具有列入白名单的电子邮件地址的Firebase身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！