将数据保存到Firebase用户对象中 [英] Save data into the Firebase user object

问题描述

使用此:

firebase.auth().onAuthStateChanged(function(user){
    if (user){

Firebase 正在返回用户，其中包括 userID .当网页获取此对象时，它将获得用户ID，并需要再次访问数据库记录以检查一些非常基本的内容(如果是付费用户或其他简单的密钥)，以便选择UI.

Firebase is returning the user, which includes a userID. When a webpage get this object it takes the user ID, and need to access again the DB records to check some very basic stuff ( if it's a paid user, or another simple key) in order to choose the UI.

是否可以在此回调中返回用户，包括有关他的一些预定义基本信息?

Is there away to return in this callback the user including some predefined basic info about him?

推荐答案

如果您想向用户帐户添加一些额外的信息，则不能使用

If you want to add some extra info to a user account you cannot use the User object, which has a fixed list of properties.

有两种经典方法:

您为每个用户创建一个Firestore文档(或实时数据库"节点).通常，您将用户的uid用作Firestore Document/RTDB节点的ID.

You create a Firestore document (or a Realtime Database node) for each user. Usually you use the User's uid as the id of the Firestore Document/RTDB node.

这意味着您将需要获取数据库以获取此额外的用户信息，例如

This means that you will need to fetch the database to get this extra user info, e.g.

firebase.auth().onAuthStateChanged(function(user){
    if (user) {
        firebase.firestore().collection('users').doc(user.uid).get()
        .then(...)
    }
    //...
}
 

2.使用自定义声明

如果您只需要按顺序存储数量有限个额外信息以提供访问控制，则可以使用

2. Use Custom Claims

If you need to store only a limited number of extra information in order to provide access control, you could use Custom Claims. This is particularly adapted for storing user roles, e.g. paid user.

可通过用户的身份验证令牌访问自定义用户声明，因此您可以使用它们根据用户的角色或访问级别来修改客户端UI.在文档中的此处.

Custom user claims are accessible via user's authentication tokens, therefore you can use them to modify the client UI based on the user's role or access level. See more details here in the doc.

要在前端获得版权声明，您可以执行以下操作:

To get the Claims in the front end, you can do as follows:

firebase.auth().onAuthStateChanged(function (user) {
    if (user) {
        user.getIdTokenResult()
            .then((idTokenResult) => {
                // Confirm the user is a paid user.
                if (!!idTokenResult.claims.paidUser) {
                    // Show admin UI.
                    showPaidUserUI();
                } else {
                    // Show regular user UI.
                    showRegularUI();
                }
            })
            .catch((error) => {
                console.log(error);
            });
    }
    //...
}

---

请务必在文档中注意以下部分:

---

It is important to note the following section in the doc:

自定义声明仅用于提供访问控制.他们不是设计用于存储其他数据(例如配置文件和其他自定义数据).尽管这看起来像是一种方便的机制，但它确实是强烈建议不要使用这些声明，因为这些声明存储在ID令牌中，并且可能会导致性能问题，因为所有经过身份验证的请求始终包含与已登录帐户相对应的Firebase ID令牌用户.

Custom claims are only used to provide access control. They are not designed to store additional data (such as profile and other custom data). While this may seem like a convenient mechanism to do so, it is strongly discouraged as these claims are stored in the ID token and could cause performance issues because all authenticated requests always contain a Firebase ID token corresponding to the signed in user.

• 使用自定义声明存储仅用于控制用户访问的数据.所有其他数据应通过实时数据库分别存储或其他服务器端存储.
• 自定义声明的大小受到限制.传递大于1000个字节的自定义声明有效负载会引发错误.

这篇关于将数据保存到Firebase用户对象中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！