Mixing
Is there any function in User Authentication for User Roles?
.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty{ height:90px;width:728px;box-sizing:border-box;
}
I'm trying to make a login interface for my web app using Firebase. I wanted to add a user role to my account using Firebase's own Authentication System. (Email). But it does not support any options for adding a user role. Such as "Admin" and "Users".
This is for Firebase (currently 5.7.2), and HTML5.
login.js (current login authentication)
(function(){
var ui = new firebaseui.auth.AuthUI(firebase.auth());
var uiConfig = {
callbacks: {
signInSuccessWithAuthResult: function(authResult, redirectUrl) {
// User successfully signed in.
// Return type determines whether we continue the redirect automatically
// or whether we leave that to developer to handle.
return true;
},
uiShown: function() {
// The widget is rendered.
// Hide the loader.
document.getElementById('loader').style.display = 'none';
}
},
// Will use popup for IDP Providers sign-in flow instead of the default, redirect.
signInFlow: 'popup',
signInSuccessUrl: 'index.html',
signInOptions: [
// Leave the lines as is for the providers you want to offer your users.
firebase.auth.EmailAuthProvider.PROVIDER_ID,
],
};
ui.start('#firebaseui-auth-container', uiConfig);
})()
I expect to add an option, or a field for a user role, somewhere in the js as a unique identifier to an email? (adminabc@xx.com = admin, userabc@xx.com = user) or an additional field to firebase. (adding a dedicated table in the database instead of using the implemented user authentication.)
html firebase firebase-authentication
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
add a comment |
I'm trying to make a login interface for my web app using Firebase. I wanted to add a user role to my account using Firebase's own Authentication System. (Email). But it does not support any options for adding a user role. Such as "Admin" and "Users".
This is for Firebase (currently 5.7.2), and HTML5.
login.js (current login authentication)
(function(){
var ui = new firebaseui.auth.AuthUI(firebase.auth());
var uiConfig = {
callbacks: {
signInSuccessWithAuthResult: function(authResult, redirectUrl) {
// User successfully signed in.
// Return type determines whether we continue the redirect automatically
// or whether we leave that to developer to handle.
return true;
},
uiShown: function() {
// The widget is rendered.
// Hide the loader.
document.getElementById('loader').style.display = 'none';
}
},
// Will use popup for IDP Providers sign-in flow instead of the default, redirect.
signInFlow: 'popup',
signInSuccessUrl: 'index.html',
signInOptions: [
// Leave the lines as is for the providers you want to offer your users.
firebase.auth.EmailAuthProvider.PROVIDER_ID,
],
};
ui.start('#firebaseui-auth-container', uiConfig);
})()
I expect to add an option, or a field for a user role, somewhere in the js as a unique identifier to an email? (adminabc@xx.com = admin, userabc@xx.com = user) or an additional field to firebase. (adding a dedicated table in the database instead of using the implemented user authentication.)
html firebase firebase-authentication
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
add a comment |
I'm trying to make a login interface for my web app using Firebase. I wanted to add a user role to my account using Firebase's own Authentication System. (Email). But it does not support any options for adding a user role. Such as "Admin" and "Users".
This is for Firebase (currently 5.7.2), and HTML5.
login.js (current login authentication)
(function(){
var ui = new firebaseui.auth.AuthUI(firebase.auth());
var uiConfig = {
callbacks: {
signInSuccessWithAuthResult: function(authResult, redirectUrl) {
// User successfully signed in.
// Return type determines whether we continue the redirect automatically
// or whether we leave that to developer to handle.
return true;
},
uiShown: function() {
// The widget is rendered.
// Hide the loader.
document.getElementById('loader').style.display = 'none';
}
},
// Will use popup for IDP Providers sign-in flow instead of the default, redirect.
signInFlow: 'popup',
signInSuccessUrl: 'index.html',
signInOptions: [
// Leave the lines as is for the providers you want to offer your users.
firebase.auth.EmailAuthProvider.PROVIDER_ID,
],
};
ui.start('#firebaseui-auth-container', uiConfig);
})()
I expect to add an option, or a field for a user role, somewhere in the js as a unique identifier to an email? (adminabc@xx.com = admin, userabc@xx.com = user) or an additional field to firebase. (adding a dedicated table in the database instead of using the implemented user authentication.)
html firebase firebase-authentication
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
I'm trying to make a login interface for my web app using Firebase. I wanted to add a user role to my account using Firebase's own Authentication System. (Email). But it does not support any options for adding a user role. Such as "Admin" and "Users".
This is for Firebase (currently 5.7.2), and HTML5.
login.js (current login authentication)
(function(){
var ui = new firebaseui.auth.AuthUI(firebase.auth());
var uiConfig = {
callbacks: {
signInSuccessWithAuthResult: function(authResult, redirectUrl) {
// User successfully signed in.
// Return type determines whether we continue the redirect automatically
// or whether we leave that to developer to handle.
return true;
},
uiShown: function() {
// The widget is rendered.
// Hide the loader.
document.getElementById('loader').style.display = 'none';
}
},
// Will use popup for IDP Providers sign-in flow instead of the default, redirect.
signInFlow: 'popup',
signInSuccessUrl: 'index.html',
signInOptions: [
// Leave the lines as is for the providers you want to offer your users.
firebase.auth.EmailAuthProvider.PROVIDER_ID,
],
};
ui.start('#firebaseui-auth-container', uiConfig);
})()
I expect to add an option, or a field for a user role, somewhere in the js as a unique identifier to an email? (adminabc@xx.com = admin, userabc@xx.com = user) or an additional field to firebase. (adding a dedicated table in the database instead of using the implemented user authentication.)
html firebase firebase-authentication
html firebase firebase-authentication
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
edited Jan 3 at 10:50
Uwe Keim
27.7k32135216
27.7k32135216
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
asked Jan 3 at 10:46
Ivan Aldwin A. CristobalIvan Aldwin A. Cristobal
45110
45110
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
There is no "user roles" API for Firebase Auth, but there are ways that you can implement role based authorization in your application.
Database
One of the ways is, as you mentioned, to store that data in your database. The benefits of doing that is that it's easy to implement.
You can enforce the rules by making lookups in your database rules for both Firestore and the Realtime database.
Realtime database
{
"rules": {
"adminContent": {
".write": "root.child('users').child(auth.uid).child('admin').val() === true"
}
}
}
Firestore
service cloud.firestore {
match /databases/{database}/documents {
match /articles/{article} {
allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true
}
}
}
The downside of maintaining your roles and and credentials in database is that you can't use that information across products. You can't write a firestore database rule that access the RTDB rules or vice versa.
Custom claims
If you want your roles to work across services (using the same role data in RTDB, Firestore and Firebase Storage), then you should look into setting custom claims, which is explained very well in the documentation.
Once that is set up you can use the custom claims to implement role based or group access rights across the different products.
database.rules.json
{
"rules": {
"adminContent": {
".read": "auth.token.admin === true",
".write": "auth.token.admin === true",
}
}
}
firestore.rules / storage.rules
The Firestore and Storage rules has similar syntax for the rules and you fill find that the allow statement is the same for both.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.token.admin == true;
}
}
}
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
2
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
1
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
add a comment |
Your Answer
StackExchange.ifUsing("editor", function () {
StackExchange.using("externalEditor", function () {
StackExchange.using("snippets", function () {
StackExchange.snippets.init();
});
});
}, "code-snippets");
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "1"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54020769%2fis-there-any-function-in-user-authentication-for-user-roles%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
There is no "user roles" API for Firebase Auth, but there are ways that you can implement role based authorization in your application.
Database
One of the ways is, as you mentioned, to store that data in your database. The benefits of doing that is that it's easy to implement.
You can enforce the rules by making lookups in your database rules for both Firestore and the Realtime database.
Realtime database
{
"rules": {
"adminContent": {
".write": "root.child('users').child(auth.uid).child('admin').val() === true"
}
}
}
Firestore
service cloud.firestore {
match /databases/{database}/documents {
match /articles/{article} {
allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true
}
}
}
The downside of maintaining your roles and and credentials in database is that you can't use that information across products. You can't write a firestore database rule that access the RTDB rules or vice versa.
Custom claims
If you want your roles to work across services (using the same role data in RTDB, Firestore and Firebase Storage), then you should look into setting custom claims, which is explained very well in the documentation.
Once that is set up you can use the custom claims to implement role based or group access rights across the different products.
database.rules.json
{
"rules": {
"adminContent": {
".read": "auth.token.admin === true",
".write": "auth.token.admin === true",
}
}
}
firestore.rules / storage.rules
The Firestore and Storage rules has similar syntax for the rules and you fill find that the allow statement is the same for both.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.token.admin == true;
}
}
}
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
2
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
1
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
add a comment |
There is no "user roles" API for Firebase Auth, but there are ways that you can implement role based authorization in your application.
Database
One of the ways is, as you mentioned, to store that data in your database. The benefits of doing that is that it's easy to implement.
You can enforce the rules by making lookups in your database rules for both Firestore and the Realtime database.
Realtime database
{
"rules": {
"adminContent": {
".write": "root.child('users').child(auth.uid).child('admin').val() === true"
}
}
}
Firestore
service cloud.firestore {
match /databases/{database}/documents {
match /articles/{article} {
allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true
}
}
}
The downside of maintaining your roles and and credentials in database is that you can't use that information across products. You can't write a firestore database rule that access the RTDB rules or vice versa.
Custom claims
If you want your roles to work across services (using the same role data in RTDB, Firestore and Firebase Storage), then you should look into setting custom claims, which is explained very well in the documentation.
Once that is set up you can use the custom claims to implement role based or group access rights across the different products.
database.rules.json
{
"rules": {
"adminContent": {
".read": "auth.token.admin === true",
".write": "auth.token.admin === true",
}
}
}
firestore.rules / storage.rules
The Firestore and Storage rules has similar syntax for the rules and you fill find that the allow statement is the same for both.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.token.admin == true;
}
}
}
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
2
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
1
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
add a comment |
There is no "user roles" API for Firebase Auth, but there are ways that you can implement role based authorization in your application.
Database
One of the ways is, as you mentioned, to store that data in your database. The benefits of doing that is that it's easy to implement.
You can enforce the rules by making lookups in your database rules for both Firestore and the Realtime database.
Realtime database
{
"rules": {
"adminContent": {
".write": "root.child('users').child(auth.uid).child('admin').val() === true"
}
}
}
Firestore
service cloud.firestore {
match /databases/{database}/documents {
match /articles/{article} {
allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true
}
}
}
The downside of maintaining your roles and and credentials in database is that you can't use that information across products. You can't write a firestore database rule that access the RTDB rules or vice versa.
Custom claims
If you want your roles to work across services (using the same role data in RTDB, Firestore and Firebase Storage), then you should look into setting custom claims, which is explained very well in the documentation.
Once that is set up you can use the custom claims to implement role based or group access rights across the different products.
database.rules.json
{
"rules": {
"adminContent": {
".read": "auth.token.admin === true",
".write": "auth.token.admin === true",
}
}
}
firestore.rules / storage.rules
The Firestore and Storage rules has similar syntax for the rules and you fill find that the allow statement is the same for both.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.token.admin == true;
}
}
}
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
There is no "user roles" API for Firebase Auth, but there are ways that you can implement role based authorization in your application.
Database
One of the ways is, as you mentioned, to store that data in your database. The benefits of doing that is that it's easy to implement.
You can enforce the rules by making lookups in your database rules for both Firestore and the Realtime database.
Realtime database
{
"rules": {
"adminContent": {
".write": "root.child('users').child(auth.uid).child('admin').val() === true"
}
}
}
Firestore
service cloud.firestore {
match /databases/{database}/documents {
match /articles/{article} {
allow write: if get(/databases/$(database)/documents/users/$(request.auth.uid)).data.admin == true
}
}
}
The downside of maintaining your roles and and credentials in database is that you can't use that information across products. You can't write a firestore database rule that access the RTDB rules or vice versa.
Custom claims
If you want your roles to work across services (using the same role data in RTDB, Firestore and Firebase Storage), then you should look into setting custom claims, which is explained very well in the documentation.
Once that is set up you can use the custom claims to implement role based or group access rights across the different products.
database.rules.json
{
"rules": {
"adminContent": {
".read": "auth.token.admin === true",
".write": "auth.token.admin === true",
}
}
}
firestore.rules / storage.rules
The Firestore and Storage rules has similar syntax for the rules and you fill find that the allow statement is the same for both.
service cloud.firestore {
match /databases/{database}/documents {
match /{document=**} {
allow read, write: if request.auth.token.admin == true;
}
}
}
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
edited Jan 3 at 12:00
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
answered Jan 3 at 11:16
Dennis AlundDennis Alund
9441419
9441419
2
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
1
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
add a comment |
2
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
1
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
2
2
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
Great answer Dennis! Also be sure to check out five tips to secure your app, and episode 6 in the "Getting to know Cloud Firestore video series.
– Frank van Puffelen
Jan 3 at 14:25
1
1
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Just a question. How would i link my users in auth, to their specific profiles in the database? (profile contains, full name, usertype, etc.)
– Ivan Aldwin A. Cristobal
Jan 27 at 11:10
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
Good question, Ivan. I created a longer answer in a post of its own: stackoverflow.com/q/54394316/7967164
– Dennis Alund
Jan 28 at 0:56
add a comment |
Thanks for contributing an answer to Stack Overflow!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f54020769%2fis-there-any-function-in-user-authentication-for-user-roles%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
