Firebase Auth signIn distinction

On my website, I have two portals for login. Portal A is login for learners. Portal B is login for teachers.

Both learners' and teachers' accounts are located in the same Firebase project, in other words, both types of accounts are located in the same authentication space. Both portals use the same simple login code:
firebase.auth().signInWithEmailAndPassword(user_email, user_password).catch(function(error) {})

Currently, the learners can log in at both portals, and the same for the teachers. What I am trying to do is to prevent the teachers from logging in at the learners' portal and vice versa. I am not sure how to implement this. I have made a setCustomUserClaim to give an identity to the two types of accounts on the authentication token. But I can only grab the auth token once the user is logged in, not before, I think. Also, I have a Firestore collection that stores all the info of the users including their identity. But each user's document is named with their corresponding UID. The latter can be grabbed once they log in as well. Any idea on how to implement this?

Firebase Authentication has no built-in way to distinguish between these two types of users. It simply authenticates the credentials that a user enters, and ensures that they're correct. If certain users can only access a certain application or certain data, this is information that will have to come from you.

The above is important to realize, so I'll repeat it: Firebase Authentication allows all users to authenticate as long as they provide the right credentials. It has no way to block access to authentication based on application-specific information, such as your user-type. This type of authorization logic is part of your application, both in code and (if you use a Firebase Database) in your server-side security rules.

A common way to implement your scenario is to add the information about the types of users to a database (such as Firebase's Realtime Database, or Cloud Firestore). In this data you could for example store the email addresses of all teachers.

Now with this information, your code can then determine whether the person who signed in to the site is a teacher or not. If they're a teacher signing in to the student web site, you can redirect them, and vice versa.
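
Added example, not part of the original question or answer: a post-sign-in check that reads the user type from the ID token's custom claims and signs the user out again when it does not match the portal. The claim name `role`, its values `learner` / `teacher`, and the portal paths are assumptions; `auth` is the object returned by `firebase.auth()`.

```javascript
// Assumed portal paths, keyed by the assumed value of the custom claim "role".
const PORTALS = {
  learner: "/learners",
  teacher: "/teachers",
};

const isKnown = (name) => Object.prototype.hasOwnProperty.call(PORTALS, name);

// Pure decision: does the role in the token match the portal it was used on?
function checkPortalAccess(claims, portal) {
  if (!isKnown(portal)) {
    throw new Error("unknown portal: " + portal);
  }
  const role = claims ? claims.role : undefined;
  if (role === portal) {
    return { allowed: true, role: role, redirectTo: null };
  }
  // A known role on the wrong portal is redirected to its own portal.
  // A missing or unknown role is denied rather than defaulted to a portal.
  return {
    allowed: false,
    role: isKnown(role) ? role : null,
    redirectTo: isKnown(role) ? PORTALS[role] : null,
  };
}

// Authentication succeeds for any valid credentials, so the portal check
// can only run after sign-in, on the claims carried by the ID token.
async function signInToPortal(auth, portal, email, password) {
  const cred = await auth.signInWithEmailAndPassword(email, password);
  // forceRefresh = true so a recently changed claim is reflected.
  const token = await cred.user.getIdTokenResult(true);
  const decision = checkPortalAccess(token.claims, portal);
  if (!decision.allowed) {
    await auth.signOut(); // do not keep a session on the wrong portal
  }
  return decision;
}
```

This check runs in the browser and only steers the user to the right portal; access to teacher-only or learner-only data still has to be enforced in the server-side security rules, as the answer notes.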
