
How to handle with user role in Flutter with Firebase backend? Client & admin app or both in one app?

I am working on a project that has 2 user roles, which are customer and seller.

Currently, I'm using the same app for both user roles. Let me explain quickly: there is a LoginScreen for both users, and if they log in with their email and password (I'm also using Firebase) with Firebase's signInWithEmailAndPassword method, there is a function for detecting the user's role.

MY GOAL

There will be some different features and properties for Seller (add, update, delete some products). And I don't know which is better: separating them into 2 apps, or both in one app?

Here is some part of that function's code:

// Inside the widget that decides which screen to show after sign-in.
// `user` is the current FirebaseAuth user (null when signed out) and
// `isSeller` is the flag read from the user's profile document.
if (user != null) {
  if (isSeller != false) {
    return const SellerHome();
  } else {
    return const CustomerHome();
  }
} else {
  return const LoginView();
}

As you can see, if the user has an isSeller = true field in Firebase CloudStorage, it returns SellerHome. But if not, it returns CustomerHome.

But is this a safe or good way to handle User Role Based Auth or not? Should I use a Cloud Function for this?

Should I separate CustomerHome and SellerHome?

And I took a little look at Firebase Custom Claims and I actually don't get it well. Clearly I can say I am not professional at Firebase and Flutter.

Whether you implement the end-user and app-admin functionality in separate apps or in a single app is a purely personal choice. But either way it should not be a security risk.

With the code you shared, the worst that a malicious non-admin user can do is to show the SellerHome widget. This is typically not a security concern on its own, because the widget is harmless unless it also allows the user to perform seller functionality. And since this functionality will require calls to some backend functionality, that is where you'll want to ensure that the user is authorized to perform the operation they are trying to perform.

For example, if you use one of Firebase's databases (Firestore or Realtime Database) as the backend of your app, you can use its server-side security rules to ensure all data access is authorized. A common usage pattern here is so-called content-owner only access, which can be easily accomplished in these rules. There are many more ways to secure data access in these rules, and they can (and at times will) be as complex as your front-end code.

If you're not using a Firebase database as your backend, you'll typically want to pass the ID token from the front-end code to your backend, verify the ID token there, and then determine (with your own logic) whether the now identified user is authorized to perform the action they requested.
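A server-side counterpart to the client-side isSeller check from the question, as an added example that is not part of the original answer: Firestore security rules that read the caller's own isSeller flag (assumed to live in a /users/{uid} document) and enforce content-owner only access on a products collection (assumed to carry a sellerId field). With rules like these, showing SellerHome to the wrong user changes nothing, because every write is re-checked on the server.

```firestore
rules_version = '2';
service cloud.firestore {
  match /databases/{database}/documents {

    // Is the caller signed in at all?
    function signedIn() {
      return request.auth != null;
    }

    // Seller role, decided on the server: read the caller's own profile
    // document (assumed path /users/{uid}) instead of trusting the client.
    function isSeller() {
      return signedIn()
        && get(/databases/$(database)/documents/users/$(request.auth.uid)).data.isSeller == true;
    }

    // Users may read and maintain their own profile, but can never grant
    // themselves the seller role: new profiles start as non-sellers and the
    // flag must be unchanged on update (request.resource.data is the merged
    // document, so omitting the field in the update is fine).
    match /users/{uid} {
      allow read: if signedIn() && request.auth.uid == uid;
      allow create: if signedIn() && request.auth.uid == uid
                    && request.resource.data.isSeller == false;
      allow update: if signedIn() && request.auth.uid == uid
                    && request.resource.data.isSeller == resource.data.isSeller;
    }

    // Products: any signed-in user may browse; only sellers may create, and a
    // product may only be changed or deleted by the seller who owns it
    // (content-owner only access, keyed on the assumed sellerId field).
    match /products/{productId} {
      allow read: if signedIn();
      allow create: if isSeller()
                    && request.resource.data.sellerId == request.auth.uid;
      allow update, delete: if isSeller()
                    && resource.data.sellerId == request.auth.uid;
    }
  }
}
```

Each get() inside a rule is billed as a document read; if you later move the role into a custom claim, the same check becomes request.auth.token.isSeller == true with no extra read.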
