Firebase用户设置了吗?
[英]Firebase users set?
问题描述
I am working on application for diabetes users. 
我正在为糖尿病用户申请。 I have manage to create register user button and it works but I want also a new admin to be added to system. 我已经设法创建了注册用户按钮,它可以工作,但是我还希望将新的管理员添加到系统中。 The problem is that in admins login page, the normal user can also login. 问题在于,在admins登录页面中,普通用户也可以登录。 How can I implement this ... I need help please? 我该如何实施...我需要帮助吗?
document.getElementById("btnSignUp").addEventListener('click', e=>{ const userEmail = document.getElementById("email_field").value; const userPass = document.getElementById("password_field").value; firebase.auth().createUserWithEmailAndPassword(userEmail, userPass).catch(function(error) { console.log(error.message); }); }) firebase.auth().onAuthStateChanged(function(user) { if (user) { // User is signed in. //window.location = 'main.html' document.getElementById("user_div").style.display = "block"; document.getElementById("login_div").style.display = "none"; var user = firebase.auth().currentUser; if(user != null){ var email_id = user.email; document.getElementById("user_para").innerHTML = "Welcome User : " + email_id; } } else { // No user is signed in. document.getElementById("user_div").style.display = "none"; document.getElementById("login_div").style.display = "block"; } }); function login(){ var userEmail = document.getElementById("email_field").value; var userPass = document.getElementById("password_field").value; firebase.auth().signInWithEmailAndPassword(userEmail, userPass).catch(function(error) { // Handle Errors here. var errorCode = error.code; var errorMessage = error.message; window.alert("Error : " + errorMessage); // ... }); } function logout(){ firebase.auth().signOut(); window.location='index.html' }
1 个解决方案
解决方案1
1 已采纳 2018-05-05 16:17:37
Here is a way to declare specific users with a specific role, "admin" for example: 这是一种声明具有特定角色(例如“ admin”)的特定用户的方法:
You set a security rule like the one below for the data you want to be readable only by an "admin": 您为希望仅由“管理员”读取的数据设置了如下安全规则:
".read": "auth != null && root.child('admins/' + auth.uid).exists()"
And you declare the uids of the "admin" users as children of an "admins" database node: 然后将“ admin”用户的uid声明为“ admins”数据库节点的子代:
- admins
-h7yic7LeS123asdfsdgwPrfKZ2: true. //<- key = uid of a admin user
Your non-admin users may still be able to see your web page but they will not be able to get the data you normally display in this page for an admin. 您的非管理员用户可能仍然可以看到您的网页,但是他们将无法获取您通常在此页面上显示给管理员的数据。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.