Firebase temporary ban account
Question
I'm trying to create an app where you'll have to login / register. I'm able to permanently ban a user by creating a value called "Disabled" for his account and set this value to "Yes". Than I'll check each time he logges in if this value is Yes, if it is than he won't be able to login. Is it possible to temporary ban an account? I was thinking to save the current time when the ban happened and then add the amount of time for the ban. Then check each time the players logges in if the temporary ban value (the time) is higher than the current time, if so the player is still banned. If the value (the time) is lower than the player is unbanned. But I think they just could change this in the settings of their device.
Is there any other way to do this?
2 answers
solution1
3 2016-11-18 19:10:51
You can disable a user's account through the Firebase Admin SDK . But that won't automatically sign out the user. It will just prevent them from signing in again.
To prevent the user from making unauthorized changes, you'll probably also want to add a blacklist of disabled users to your database:
/bannedUsers
uid1: <banned-until-timestamp>
uid2: <banned-until-timestamp>
uid3: <banned-until-timestamp>
Then you can check this list from your security rules :
".write": "!root.child('bannedUsers').child(auth.uid).exists() ||
root.child('bannedUsers').child(auth.uid).val() < now"
solution2
3 ACCPTED 2016-11-18 19:27:29
Maybe an idea which might work for you:
To ban a user, create an entry in your database to the user to flag the user as banned with a timestamp NOW + X
{ "users" : {
"bad_user" : {
"banned" : {
"until" : 123456 // timestamp NOW + X
}
}
}
}
Now whenever the user logs in afterwards, you check wether the user is banned and immediately try to delete that entries. If it fails, penalty time is still running. If it succeeds, well then the user can use your app :)
The trick is to use firebase rules to restrict possible changes.
something like:
{
"rules" : {
"users" : {
"$uid" : {
// ...
"banned" : {
.write : "(!newData && now < data.child('until').val() )"
....
Please note - these are not working rules, but should help to figure it out.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.