如何在Firebase身份验证中限制电子邮件域 [英] How to restrict email domains in Firebase Authentication
问题描述
我有一个有关Firebase身份验证的问题.实际上,我正在为我的公司制作仪表板,并将其托管在Firebase中.我只想将电子邮件身份验证限制在我的comany域(例如:cat.com)上.但是我经历了stackoverflow的答案,发现可以在数据库中施加规则.但是问题是我将使用Firebase Function将外部数据库调用到fetcj数据,并将其提供给网站(仪表板).因此,没有适用于任何域的规则.以下是我的仪表板架构的概述
我该如何实现?我希望有人拥有"xxxx@cat.com"将能够验证和查看仪表板数据
案例1:用户已经创建了他们的帐户,并且您想将一种云功能限制为特定的电子邮件地址.
您可以获取与云功能调用关联的用户信息,并查看他们的电子邮件.然后,如果外部数据库具有正确的电子邮件域,则可以对其进行调用.您还应该进行一些UI更改,以便用户没有@cat.com时不会仅仅得到错误.
情况2::将Firebase项目中的所有用户限制为包含@cat.com的电子邮件吗?
如果是这样,则不能直接在Firebase身份验证中限制电子邮件,因此必须将用户注册代码粘贴在云功能后面,并在其中创建用户帐户.您可以在他们尝试注册时查看他们的电子邮件.
您可以使用Cloudbase中的Firebase Admin SDK来执行此操作. 文档
admin.auth().createUser({
email: 'user@example.com',
emailVerified: false,
phoneNumber: '+11234567890',
password: 'secretPassword',
displayName: 'John Doe',
photoURL: 'http://www.example.com/12345678/photo.png',
disabled: false
})
.then(function(userRecord) {
// See the UserRecord reference doc for the contents of userRecord.
console.log('Successfully created new user:', userRecord.uid);
})
.catch(function(error) {
console.log('Error creating new user:', error);
});
客户端将在调用此.createUser之前使用所需的电子邮件和密码来调用云功能,并且您可以在使用"dog@cat.com".toLowerCase().endsWith("cat.com")创建用户之前检查正确的电子邮件.
此外,使用电子邮件域作为访问控制的形式听起来也不是一个好主意.在帐户创建过程中,您可以基于电子邮件手动添加对用户文档的访问权限.如果您想给某人发送电子邮件但又不想让他们访问数据库,会发生什么情况?
I have a question regarding firebase authentication. Actully I am making a dashboard for my company, and I will host it in firebase. I want to restrict the email authentication only to my comany domain (ex: cat.com). But I went through the stackoverflow answers and I found I can impose rule in database. But the issue is that I will be calling external databases to fetcj data using Firebase Function and serve it to website(dashboard). So no domain specific rule will apply there. Below is the outline of my dashboard architecture
How can I achieve this? I want people having "xxxx@cat.com" will be able to autheticate and view dashboard data
Case 1: The user has already created their account, and you want to restrict one cloud function to specific email addresses.
You can get the user info associated with the cloud function call, and check their email. You can then call the external database if they have the correct email domain. You should also do some UI changes so the user doesn't just get errors if they don't have @cat.com.
Case 2: Restrict all users in your Firebase project to emails containing @cat.com?
If so, you can't restrict the emails directly in firebase authentication, so you'd have to stick user registration code behind a cloud function, creating user accounts there. You can then check their email when they try to register.
You can do this with the Firebase Admin SDK in a cloud function. docs
admin.auth().createUser({
email: 'user@example.com',
emailVerified: false,
phoneNumber: '+11234567890',
password: 'secretPassword',
displayName: 'John Doe',
photoURL: 'http://www.example.com/12345678/photo.png',
disabled: false
})
.then(function(userRecord) {
// See the UserRecord reference doc for the contents of userRecord.
console.log('Successfully created new user:', userRecord.uid);
})
.catch(function(error) {
console.log('Error creating new user:', error);
});
The client will call the cloud function with their desired email and password, and before calling this .createUser, and you can check for the correct email before creating the user with "dog@cat.com".toLowerCase().endsWith("cat.com").
Also, using email domain as a form of access control doesn't sound like a good idea. During the account creation process, you manually add access to the user's document based on the email. What happens when you want to give someone an email but don't want to give them access to the database?
这篇关于如何在Firebase身份验证中限制电子邮件域的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
