Firebase Authentication: Disabled account by default?
2,963 views
Skip to first unread message
ma...@orca.xyz
Mar 29, 2017, 10:20:09 AM3/29/17
to Firebase Google Group
Hi all!
Is there a way to disable firebase accounts by default? Since there is no way to disable creating accounts, my use case would be that all accounts are disabled until explicitly enabled (by console or backend). Is this possible with firebase?
Something like this is needed for all subscription based software, because users should not be able to access the functionality until the subscription has been validated.
Thanks,
Marin
Is there a way to disable firebase accounts by default? Since there is no way to disable creating accounts, my use case would be that all accounts are disabled until explicitly enabled (by console or backend). Is this possible with firebase?
Something like this is needed for all subscription based software, because users should not be able to access the functionality until the subscription has been validated.
Thanks,
Marin
Jacob Wenger
Mar 29, 2017, 11:07:45 AM3/29/17
to fireba...@googlegroups.com
Hey Marin,
There is no checkbox or anything to accomplish this, but I think you have two good alternatives:
- Use your security rules to prevent access to users until they are allowed to access certain things (assuming you want to limit access to services like the Realtime Database or Storage). For example, you could use auth.token.email_verified in your rules to limit access to certain pieces of data to only users with verified email addresses.
- Set up a Cloud Function triggered by a Firebase Auth user creation event which updates that disables new users immediately. Check out our documentation on creating a Cloud Function upon user creation and an example of disabling a user.
Cheers,
Jacob
--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-talk+unsubscribe@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/d89fb487-f6ba-4e7f-b699-839f6ce16479%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Kato Richardson
Mar 29, 2017, 11:08:51 AM3/29/17
to Firebase Google Group
Hi Marin,
All that authenticating with Firebase Auth does at this point is generate a unique id for each end user. It doesn't specifically grant any privileges. But telling you how to enforce those really depends on the use case and features you're working with.
For example, if you want to control db access, you can use a few different approaches, such as writing a list of users' roles or registration status into the db. Then you can reference that from security rules.
☼, Kato
On Wed, Mar 29, 2017 at 1:26 AM, <ma...@orca.xyz> wrote:
--
You received this message because you are subscribed to the Google Groups "Firebase Google Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to firebase-talk+unsubscribe@googlegroups.com.
To post to this group, send email to fireba...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/firebase-talk/d89fb487-f6ba-4e7f-b699-839f6ce16479%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages