堆栈内存溢出
  简体   繁体   English

如何在用户创建期间使用 Firebase Auth 验证字段服务器端?

[英]How to validate fields server side during user creation with Firebase Auth?

 原文  2019-10-12 18:11:27       ios/ swift/ firebase/ google-cloud-firestore/ firebase-authentication

问题描述

I'm trying to use Firebase Auth to create a new user, but I want to validate some fields (pattern matching) using Firestore Security Rules before creating a new account.我正在尝试使用 Firebase Auth 创建新用户,但我想在创建新帐户之前使用 Firestore 安全规则验证某些字段(模式匹配)。 How can I do that?我怎样才能做到这一点?

In the completion handler for the createUser(withEmail: , password:) function, I am performing some writes to Firestore on successful account creation.在 createUser(withEmail: , password:) function 的完成处理程序中,我在成功创建帐户时对 Firestore 执行了一些写入操作。

I am facing a problem where sometimes the writes to Firestore may not be successful due to Firestore Secuity Rules (Pattern matching).我面临一个问题,有时由于 Firestore 安全规则(模式匹配),对 Firestore 的写入可能不会成功。 In this case the write fails but the new user account is still created (since writes are being attempted in completion handler).在这种情况下,写入失败,但仍会创建新用户帐户(因为正在完成处理程序中尝试写入)。

// Create User Method - Firebase Auth & Swift

Auth.auth().createUser(withEmail: self.emailTextField.text!, password: self.passwordTextField.text!) { (result, error) in
                    if error != nil {
                        print(error?.localizedDescription)
                    } else { 
                        let userName = [
                            userName:self.userNameTextField.text!
                        ]

// Writing field Data to Firestore

Firestore.firestore().collection("users").document(self.userNameTextField.text!).setData(userName) {(err) in
                            if err != nil {

// Rather than throwing a fatalError, how can I ensure new account creation is cancelled so that feedback can be given on the issue with entered field data?                              

fatalError()
                            }

I want to ensure a user account is not created in case writes to Firestore are unsuccessful due to a conflict with Firestore Security Rules.我想确保不会创建用户帐户,以防由于与 Firestore 安全规则冲突而导致对 Firestore 的写入失败。

1 个解决方案

解决方案1
 1 已采纳  2019-10-12 18:13:52

Firebase Authentication doesn't have any security rules. Firebase 身份验证没有任何安全规则。 There's currently no way to check if incoming account properties are valid before a user gets created.目前无法在创建用户之前检查传入的帐户属性是否有效。 Security rules only apply to data read and written directly to Cloud Firestore (or Realtime Database, or Cloud Storage) from a mobile or web client.安全规则仅适用于从移动或 web 客户端直接读取和写入 Cloud Firestore(或实时数据库或 Cloud Storage)的数据。

The only thing you could do is use a Cloud Functions auth trigger to check the account properties after it was created, then delete or deactivate the account if something is wrong.您唯一能做的就是在创建帐户后使用Cloud Functions 身份验证触发器检查帐户属性,然后在出现问题时删除或停用帐户。

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何在最新的 Firebase IOS SDK 中获取 Firebase JWT 令牌以在服务器端进行验证 - How to get Firebase JWT token to validate on server side in Latest Firebase IOS SDK 如何检查用户是否有有效的授权 Session Firebase iOS? - How to check if user has valid Auth Session Firebase iOS? 如何检查用户之前是否已注册(Firebase身份验证)? - How to check if User has registrated before (Firebase Auth)? 当用户离线时,Firebase Auth session 持续多长时间? - How long does a Firebase Auth session last when the user is offline? Firebase检查用户/用户是否存在的身份验证状态 - Firebase check auth status of user/ if user exists iOS - 在打字时验证用户 IP 地址 - iOS - validate user ip address during typing firebase auth / swift-无法在applicationWillTerminate上删除匿名用户? - firebase auth / swift - anonymous user not delete on applicationWillTerminate? Firebase身份验证用户照片URL返回404 - firebase auth user photo URL returns 404 App委托中的Firebase用户身份验证检查 - Firebase User Auth check in App delegate 可以使用 Firebase Auth.auth() 函数检索 GoogleSignIn 用户吗? - Can Firebase Auth.auth() functions be used to retrieve a GoogleSignIn user?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM